I wonder if the question is in reference to unlocking the root account and setting a password for it. I don’t know of any distros that actually have an unlocked root account and leave its password as empty, but I suppose its not completely impossible.
That being said, if an attacker gets physical access to your PC, its game over anyways. If your drive isn’t encrypted with something like LUKS, then they can just boot up a live USB of whatever distro they want, mount the drive, and have easy access to its contents.
Ideally if you want to protect your PC against physical attacks, you’ll at the minimum want some sort of drive encryption enabled, and preferably with Secure Boot enabled with your own keys enrolled if your machine supports it.
A lot of distros “lock” the root account, a locked account cannot be logged into. You can generally do this way say, usermod -L account_name to lock an account, or usermod -U account_name to unlock one (there are numerous ways to do).
I couldn’t remember if setting a password for an account auto-unlocked it, I believe at one point this was the case but wasn’t 100% sure.
I wonder if the question is in reference to unlocking the root account and setting a password for it. I don’t know of any distros that actually have an unlocked root account and leave its password as empty, but I suppose its not completely impossible.
That being said, if an attacker gets physical access to your PC, its game over anyways. If your drive isn’t encrypted with something like LUKS, then they can just boot up a live USB of whatever distro they want, mount the drive, and have easy access to its contents.
Ideally if you want to protect your PC against physical attacks, you’ll at the minimum want some sort of drive encryption enabled, and preferably with Secure Boot enabled with your own keys enrolled if your machine supports it.
what do you mean by ‘locked’ exactly?
A lot of distros “lock” the root account, a locked account cannot be logged into. You can generally do this way say,
usermod -L account_nameto lock an account, orusermod -U account_nameto unlock one (there are numerous ways to do).I couldn’t remember if setting a password for an account auto-unlocked it, I believe at one point this was the case but wasn’t 100% sure.
does using su count as logging in? because i can do that just fine
I actually can’t recall off the top of my head, however if you can login with
suthen it shouldn’t be a problem either way.But to the root (ha!) of your original question, yes definitely make sure to set a password for the root account.