Best Practice for setting passwords for Ubuntu user to restrict access to privileged root access
I am still new to ubuntu, i want to understand the best practice to restricting access to elevating access to root (i.e via sudo su). Would it be good enough to set a password for the ubuntu user (this seems to ask for a password when doing sudo su) or should there be addtional considerations to consider?
In my current test Ubuntu enviroment (hosted on AWS) i have set the password for the ubuntu user as well as run the following command:
sudo sed -re 's/NOPASSWD://' -i.`date -Iseconds` /etc/sudoers.d/90-cloud-init-users which removes the no password requirement for the ubuntu user. I also noticed that new lines
ubuntu ALL=(ALL) NOPASSWD:ALL gets added if you do a relaunch of the instance from an AMI backup, is this normal behaviour?
Cloud instances you can not compare with a regular desktop. Those are servers you connect to using SSH.
If someone gets onto your machine you already lost the fight so a Cloud instance can be an Ubuntu up with a passwordless admin.
Would it be good enough to set a password for the ubuntu user (this seems to ask for a password when doing sudo su)
No need for a password.
or should there be addtional considerations to consider?
SSH Private Keys is what you want. Plus if needed: a location or machine specific lock. Our cloud instances I can connect to from home, or work and nowhere else unless I first get permission to do so.
I also noticed that new lines ubuntu ALL=(ALL) NOPASSWD:ALL gets added if you do a relaunch of the instance from an AMI backup, is this normal behaviour?
GCE/Google does that too. It is (likely) to ensure you always can get into the machine as restoring a backup is something that is done when there is some sort of trouble. If you forget your password your instance that is the only way to get back into it: there is no live session or grub prompt to fall back to. In that case passwordless admin is better.
ubuntu user and password are merely there so you can do your initial login and configuration of your cloud system. Best practice is to create your own admin account and use your own SSH keys, then disable (or delete; we tend to disable it) the
ubuntu user. Other logins should use their own accounts created by an admin. None of them should ever be using the
For the same reason you do not upgrade a cloud but create a copy of your userdisk and connect it to a new systemdisk.