第一步
首先登入系統,建立root使用者的密碼
在終端輸入指令:
sudo passwd root
然後輸入設定的密碼,這樣就完成了設定root使用者密碼的步驟
第二步
修改檔案
sudo nano /usr/share/lightdm/lightdm.conf.d/50-ubuntu.conf #管理者nano指令編輯'50-ubuntu.conf'
在檔案末尾增加如下兩行:
greeter-show-manual-login=true'
all-guest=false
如下:
[Seat:*]
user-session=ubuntu
greeter-show-manual-login=true
all-guest=false
第三步
修改 /etc/pam.d/gdm-autologin和 /etc/pam.d/gdm-password
sudo nano /etc/pam.d/gdm-autologin #管理者nano編輯'gdm-autologin'檔案
注釋掉auth required pam_succeed_if.so user != root quiet_success這一行(第三行左右)
檔案配置可參考以下:
#%PAM-1.0
auth requisite pam_nologin.so
#auth required pam_succeed_if.so user != root quiet_success
auth optional pam_gdm.so
auth optional pam_gnome_keyring.so
auth required pam_permit.so
@include common-account
# SELinux needs to be the first session rule. This ensures that any
# lingering context has been cleared. Without this it is possible
# that a module could execute code in the wrong domain.
session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so cl$
session required pam_loginuid.so
# SELinux needs to intervene at login time to ensure that the process
# starts in the proper default security context. Only sessions which are
# intended to run in the user's context should be run after this.
session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so op$
session optional pam_keyinit.so force revoke
session required pam_limits.so
session required pam_env.so readenv=1
session required pam_env.so readenv=1 user_readenv=1 envfile=/etc/default/locale
@include common-session
session optional pam_gnome_keyring.so auto_start
@include common-password
sudo nano /etc/pam.d/gdm-password #管理者nano編輯'gdm-password'檔案
注釋掉 auth required pam_succeed_if.so user != root quiet_success這一行(第三行左右)
#%PAM-1.0
auth requisite pam_nologin.so
#auth required pam_succeed_if.so user != root quiet_success
@include common-auth
auth optional pam_gnome_keyring.so
@include common-account
# SELinux needs to be the first session rule. This ensures that any
# lingering context has been cleared. Without this it is possible
# that a module could execute code in the wrong domain.
session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so cl$
session required pam_loginuid.so
# SELinux needs to intervene at login time to ensure that the process
# starts in the proper default security context. Only sessions which are
# intended to run in the user's context should be run after this.
session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so op$
session optional pam_keyinit.so force revoke
session required pam_limits.so
session required pam_env.so readenv=1
session required pam_env.so readenv=1 user_readenv=1 envfile=/etc/default/locale
@include common-session
session optional pam_gnome_keyring.so auto_start
@include common-password
第四步
修改/root/.profile檔案
sudo nano /root/.profile #管理者nano編輯'.profile'檔案
将檔案末尾的
mesg n || true
這一行修改成
tty -s&&mesg n || true
# ~/.profile: executed by Bourne-compatible login shells.
if [ "$BASH" ]; then
if [ -f ~/.bashrc ]; then
. ~/.bashrc
fi
fi
tty -s&&mesg n || true
#mesg n || true
第五步
sudo gedit /etc/ssh/sshd_config #管理者nano編輯'sshd_config'檔案
在
#PermitRootLogin prohibit-password
下添加:
PermitRootLogin yes
# $OpenBSD: sshd_config,v 1.103 2018/04/09 20:41:22 tj Exp $
# This is the sshd server system-wide configuration file. See
# sshd_config(5) for more information.
# This sshd was compiled with PATH=/usr/bin:/bin:/usr/sbin:/sbin
# The strategy used for options in the default sshd_config shipped with
# OpenSSH is to specify options with their default value where
# possible, but leave them commented. Uncommented options override the
# default value.
#Port 22
#AddressFamily any
#ListenAddress 0.0.0.0
#ListenAddress ::
#HostKey /etc/ssh/ssh_host_rsa_key
#HostKey /etc/ssh/ssh_host_ecdsa_key
#HostKey /etc/ssh/ssh_host_ed25519_key
# Ciphers and keying
#RekeyLimit default none
# Logging
#SyslogFacility AUTH
#LogLevel INFO
# Authentication:
#LoginGraceTime 2m
#PermitRootLogin prohibit-password