Identity and Access Management
Unused Linux Users: Delete or Keep Them?
Got unused or unknown system accounts on your Linux system? This article explains the different strategies and actions to take and keep the system healthy.
Summary
We get often the question what one should do with unused users on Linux. Everyone who looked in the /etc/passwd file will recognize them, strange usernames. A great example is UUCP, or Unix-to-Unix Copy. Once used for communication on direct lines, now another piece of history in our password files. The Options Before we make any decision on dealing with unused Linux accounts, we should look at the most obvious choices we have.
What is the ‘toor’ user on FreeBSD?
When installing and using FreeBSD, you may wonder why there are two users with user ID of zero. What is this second user 'toor' and do we need it?
Summary
What is the ’toor’ user on FreeBSD? Linux and *BSD systems have by default a root user installed. As it has a user ID of zero (0), it gains the highest level of permissions from the kernel. On FreeBSD systems, there is also the ’toor’ user, with the equal high-level user ID of zero. It is simply the reversed version of ‘root’, and installed as a backup account. By default, it has no shell assigned, so it can’t log in.
5 Tips to protect the Root account
The root account is a special account for Unix based systems. Protecting it with the right measures, secures the system and decreases system compromises.
Summary
Like systems running Windows have an account named Administrator, Unix systems have their equal named “root”. This user with user id zero (0), have unlimited access to the system. Most applications implementing user access controls, apply a “backdoor” to allow this root user always access. This applies to access data, killing processes, starting kernel modules and more. Tips to protect the root user Since the root user has unlimited access to the system, it make sense to protect this account carefully.