I'm not a fan of sudo, mostly because my previous distros did not use it. That being said I never default log in as root because there is no need.

Me either! So I don't use it. I "su -" instead.

In my experience, there has been.

I don't remember which computer it was, but I had one that I so horribly screwed up my account on that I couldn't log in with it. root to the rescue! Logged in as root, fixed the offending problem, and back in business.

Also, on one of my more recent laptops, I had a problem like I've written about for this one, with the splash screen I've chosen in settings not sticking. I had a vague recollection of fixing that last time by logging in as root, so yesterday, after getting that working, I logged in and repeated the steps I thought I did before...but, alas, my splash screen still doesn't stick. *sigh* FWIW, what I recalled doing last time was logging in as root and running System Settings--for some reason, this was different than running SS *as* root from a normal login. Then, in SS, I picked the splash screen I wanted, applied it, logged out, and there it was! Not so this time...

The last time I borked my pc was years ago. I spent a day fussing about and finally just wiped and load (of course I have a good backup) So logging in as root has little benefit for me

My understanding is that not allowing root login is primarily a security measure, rather than to protect against clueless use of the login. There are bots scanning the internet address space trying to login as root, and they get interested if they get asked for a password. Another scenario, perhaps more common these days, are bad guys pivoting from IOT devices that have been exposed to the internet; there are now, or soon will be, millions of such devices with weak security.

If you want to run as root, you can use sudo -i . With a desktop environment, in normal use one is already logged in; would you want to end a session, or switch sessions, just to run as root?

But any system will prompt for a password if 'root' is entered as the username--regardless of whether or not root logins are enabled. You know what I mean? Assume that you do *not* have root logins enabled. Log out, go to your login screen--the kind where you have to type in a username--put 'root' as the user, and see what happens. It prompts for a password, right?

I [rarely] use sudo -i but I'm not a big fan of it, or sudo in general. During a normal session, I want to remain logged in--that's why I use su - instead of logging out and back in as root. I generally have one Konsole tab open as root, and one or more other tabs as my regular user. The only times I physically log in as root are as described above, where I so hopelessly borked my account that I couldn't log in with it, or when a specific need arises, as described earlier when I fixed a splash screen issue that way. Other than that, I only use a real root login once every few months, just to satisfy my obsessive need to be sure it works. I don't want to find out the hard way that I *thought* I set it up but really didn't!

When I did it, logging in as root and editing the offending file solved the problem in a minute--not a day plus a reinstall! But to each their own. Ah, the beauty of choice... Linux.

I agree with jlittle .
Mostly I issue "sudo -i" and from that root console I use my CLI foo, or use mc, or run "/make_snapshots.sh", or do other maintenance work. I don't use "sudo somecommand" very often.

Thinking about it, a lot of my aversion to root logins, or working with a root shell, comes from working in teams where I'd be something of a technical lead (mostly because I'd read documentation) with (cough, cough) uneven skills or experience, and seeing the screw ups coming from sloppy use of root (or other privileged logins). It's not so much that I didn't trust myself, more that I didn't trust others learning from my example. This is similar to helping people here at KFN; minimizing root use may be crucial example to someone. I'm not primarily thinking of other members; we don't know who search engines will direct to our posts.

You are correct. This is also a security measure, the system will ask for a password whatever you enter as the username (otherwise it would be simple to deduce valid usernames by checking whether you get a password prompt). The security impact of an enabled root account comes mostly from the fact that most automated break-in tools brute-force only the "root" account for the simplicity (or possibly a few other common usernames such as "admin"...trying different usernames and passwords adds complexity very quickly). Network attacks are a numbers game, you attack millions of hosts and find the weak targets, you don't generally want to waste a lot of time or resources for specific targets.

"sudo -i" and "su -" have no functional differences in this regard. The only functional difference where it would really matter (that I can think of) is starting dolphin as root...and that could be easily mitigated is by running "unset SUDO_USER" (which you could easily run automatically in /root/.bashrc, if you use bash, for example).

sudo has been around since the 80s (it predates linux by roughly a decade). A lot of us UNIX "old-timers" are quite familiar with it and it's advantages.

Like Linux, it's all about personal choice kubicle!

I'd never heard of 'sudo' until I started using *buntu in 2005. If it was present in any OS I was using before that, I sure didn't know about it! I tried using it, but I just don't like it. For me, su - makes my life simpler and easier.

I understand your reasoning about root logins, and it makes perfect sense--for you. For me, other than *one* semi-mortal mistake as root--back in ~1987(?)--I learned my lesson and have *never* screwed up again. As root. Now, as a regular user, I've done everything you can imagine, from making my account unusable to hopelessly borking a brand new computer during setup. But root and its power/advantages, I respect like crazy and just don't screw up when using it.

I'm fine with that, you and everyone else can run their systems as they choose

It has been available long before that, though not necessarily installed by default or configured like it is in *buntus. Before *buntus (and MacOS), it's usage was more prevalent in multi-user and/or networked environments where it's security enhancements (like finer grained access control and logging of commands were more critical features).

That was what I was curious about. I was interested about the "I don't like it", which doesn't really say much. I wanted to know if there were specific reasons for not liking it or whether it was more like this is the way I am accustomed to.

The point I was trying to make that having the root account locked improves system security for most users, the reasoning behind it is not "prevent user's from shooting themselves in the foot with the root account"...user's are generally just as capable of doing that with sudo.

While this isn't "just my opinion", I didn't really mean that users who know what they are doing (like you) can't run their systems securely with the root account enabled. But we all know the majority of users really don't know what they are doing (although people who have found their way to linux are generally more competent than the general populace).

For me, it's a bit of both. su -, once issued in a terminal, lets me come back to it throughout the day without having to re-validate over and over again. With sudo you're limited (by time? by number of actions? I don't know--I haven't used it enough to know its finer points). But, yes, it's also what I'm used to. And like.

I kind of disagree. Sure, a really determined person who's bent on screwing up their computer can do it with sudo, but I see a much greater likelihood of doing that when you're actually logged in as root. One typo, one errant command, one itsy-bitsy mistake can be catastrophic. And when you're logged in as root, it's easy to lose track of that fact! Like you get busy doing other stuff and really don't think about it. With sudo, you have to continually type its command and enter your password....this is a reminder that you're doing something serious.

When I started using *buntu, I was actually shocked that logging in as root was disabled by default. I'd never seen or heard of any *nix doing that--and I definitely didn't like it. My *nix route looks something like this: Tandy Xenix, SCO, Coherent, [several different Linux distros, including Red Hat], Kubuntu. I'm not aware of any of those disabling root logins other than [K]Ubuntu; if they did, I didn't know about it!

Ubuntu 'disabling root login' by default is strictly a *buntu thing. Doing it goes against industry 'established norms' that nearly every other distribution of Linux adheres to -- I believe.

That explains why I never saw it in any other distro I tried! Thanks. It also reinforces my thinking about their thinking regarding windows users, since Ubuntu is the #1 Linux distro and has the most windows converts. It makes sense that they'd proactively do something to limit potential damage done by windows 'experts' who think they're in control--despite the OSes being like apples and oranges!