第一步
首先登录系统,创建root用户的密码
在终端输入命令:
sudo passwd root
然后输入设置的密码,这样就完成了设置root用户密码的步骤
第二步
修改文件
sudo nano /usr/share/lightdm/lightdm.conf.d/50-ubuntu.conf #管理员nano命令编辑'50-ubuntu.conf'
在文件末尾增加如下两行:
greeter-show-manual-login=true'
all-guest=false
如下:
[Seat:*]
user-session=ubuntu
greeter-show-manual-login=true
all-guest=false
第三步
修改
/etc/pam.d/gdm-autologin和 /etc/pam.d/gdm-password文件
sudo nano /etc/pam.d/gdm-autologin #管理员nano编辑'gdm-autologin'文件
注释掉auth required pam_succeed_if.so user != root quiet_success这一行(第三行左右)
文件配置可参考以下:
#%PAM-1.0
auth requisite pam_nologin.so
#auth required pam_succeed_if.so user != root quiet_success
auth optional pam_gdm.so
auth optional pam_gnome_keyring.so
auth required pam_permit.so
@include common-account
# SELinux needs to be the first session rule. This ensures that any
# lingering context has been cleared. Without this it is possible
# that a module could execute code in the wrong domain.
session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so cl$
session required pam_loginuid.so
# SELinux needs to intervene at login time to ensure that the process
# starts in the proper default security context. Only sessions which are
# intended to run in the user's context should be run after this.
session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so op$
session optional pam_keyinit.so force revoke
session required pam_limits.so
session required pam_env.so readenv=1
session required pam_env.so readenv=1 user_readenv=1 envfile=/etc/default/locale
@include common-session
session optional pam_gnome_keyring.so auto_start
@include common-password
sudo nano /etc/pam.d/gdm-password #管理员nano编辑'gdm-password'文件
注释掉 auth required pam_succeed_if.so user != root quiet_success这一行(第三行左右)
文件配置可参考以下:
#%PAM-1.0
auth requisite pam_nologin.so
#auth required pam_succeed_if.so user != root quiet_success
@include common-auth
auth optional pam_gnome_keyring.so
@include common-account
# SELinux needs to be the first session rule. This ensures that any
# lingering context has been cleared. Without this it is possible
# that a module could execute code in the wrong domain.
session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so cl$
session required pam_loginuid.so
# SELinux needs to intervene at login time to ensure that the process
# starts in the proper default security context. Only sessions which are
# intended to run in the user's context should be run after this.
session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so op$
session optional pam_keyinit.so force revoke
session required pam_limits.so
session required pam_env.so readenv=1
session required pam_env.so readenv=1 user_readenv=1 envfile=/etc/default/locale
@include common-session
session optional pam_gnome_keyring.so auto_start
@include common-password
第四步
修改/root/.profile文件
sudo nano /root/.profile #管理员nano编辑'.profile'文件
将文件末尾的mesg n || true这一行修改成
tty -s&&mesg n || true
文件配置可参考以下:
# ~/.profile: executed by Bourne-compatible login shells.
if [ "$BASH" ]; then
if [ -f ~/.bashrc ]; then
. ~/.bashrc
fi
fi
tty -s&&mesg n || true
#mesg n || true
第五步
sudo gedit /etc/ssh/sshd_config #管理员nano编辑'sshd_config'文件
在 #PermitRootLogin prohibit-password
下添加:PermitRootLogin yes
文件配置可参考以下:
# $OpenBSD: sshd_config,v 1.103 2018/04/09 20:41:22 tj Exp $
# This is the sshd server system-wide configuration file. See
# sshd_config(5) for more information.
# This sshd was compiled with PATH=/usr/bin:/bin:/usr/sbin:/sbin
# The strategy used for options in the default sshd_config shipped with
# OpenSSH is to specify options with their default value where
# possible, but leave them commented. Uncommented options override the
# default value.
#Port 22
#AddressFamily any
#ListenAddress 0.0.0.0
#ListenAddress ::
#HostKey /etc/ssh/ssh_host_rsa_key
#HostKey /etc/ssh/ssh_host_ecdsa_key
#HostKey /etc/ssh/ssh_host_ed25519_key
# Ciphers and keying
#RekeyLimit default none
# Logging
#SyslogFacility AUTH
#LogLevel INFO
# Authentication:
#LoginGraceTime 2m
#PermitRootLogin prohibit-password