# [RESOLVED] Renaming root account



## fred974 (Jun 14, 2014)

Hello everyone,

Could someone tell me if renaming the root user account will have any negative impact on the system? The reason to do this is for security.

Thank you all in advance.

Fred


----------



## storvi_net (Jun 14, 2014)

*Re: Renaming root account*

Why do you think this would be better for the system security? What you are trying to do is named "security by obscurity" and is always a bad idea. Let your root account named root and use other security best practices, like shut down unused services, use secure protocols and always update your system.

Regards,

Markus


----------



## fred974 (Jun 16, 2014)

*Re: Renaming root account*



			
				storvi_net said:
			
		

> Why do you think this would be better for the system security? What you are trying to do is named "security by obscurity" and is always a bad idea. Let your root account named root and use other security best practices, like shut down unused services, use secure protocols and always update your system.
> 
> Regards,
> 
> Markus


Thank you for your advice.

I was hoping that if someone gets access to my admin account, a `su -` will still not let people straight into the system.


----------



## junovitch@ (Jun 16, 2014)

*Re: Renaming root account*

Why ask? Try it.  I was curious so I just renamed root to superuser on a VM and it looks like while it does cause some errors from /etc/newsyslog.conf referring to root by default, it does work.  I logged in as the new username.  As a normal user, `su -` just says "BAD SU testuser to root".  But in all seriousness, one quick `ls -al /` and it shows all directories owned by "superuser:wheel".  Net gain is a whole one second of security for someone to look who owns files that are UID 0. If they already knew the password they would need to do `su -`, then they could easily look and type `su - superuser`.  There would be far more useful things you can do to genuinely improve security.


----------



## fred974 (Jun 17, 2014)

*Re: Renaming root account*

Hi @junovitch,

Thank you for the reply. I guess I should really set[]up a VM as you did to do my testing. I have no clue on what am I doing at the moment in term of security. I follow an online tutorial but without really understanding it all. Are you aware of any FreeBSD training in the UK that I could attend? I'm not good with books due to a bit if dyslexia  I'm ok with online video if you have any links*.*


----------



## SirDice (Jun 17, 2014)

*Re: Renaming root account*



			
				fred974 said:
			
		

> I was hoping that if someone gets access to my admin account, a `su -` will still not let people straight into the system.


Only members of the wheel group are allowed to use su(1). Besides that, a `su -` will switch to the root account regardless of what it's named. It's the UID that matters. Also remember that somebody would also need to know root's password.


----------



## SirDice (Jun 17, 2014)

*Re: Renaming root account*



			
				fred974 said:
			
		

> I have no clue on what am I doing at the moment in term of security. I follow an online tutorial but without really understanding it all.


Have a look at security(7) and Unofficial FreeBSD Security Checklist / Links / Resources.


----------

