welp, I still need to add myself to the sudo group and sudoers file, and that’s something I need a root shell for. (unless I always miss some options during setup to make my user automatically a sudoer)
You did. If you leave your root password blank it’ll automatically add the user account you create in the following step to sudo and disable the root account.
If you want to have both a root account and a user account with sudo, you’ll have to do that manually, but that’s a pretty unusual setup.
Yeah, general practice is to either elevate privelige by switching accounts, or by using sudo. Having both just increases your attack surface to no practical benefit (especially since you can technically still switch to a root account with “sudo - i” even if you’re going the sudo route).
welp, I still need to add myself to the sudo group and sudoers file, and that’s something I need a root shell for. (unless I always miss some options during setup to make my user automatically a sudoer)
You did. If you leave your root password blank it’ll automatically add the user account you create in the following step to sudo and disable the root account.
If you want to have both a root account and a user account with sudo, you’ll have to do that manually, but that’s a pretty unusual setup.
oh wow, I did not know this
Nor this, but you are right if I think about it.
Yeah, general practice is to either elevate privelige by switching accounts, or by using sudo. Having both just increases your attack surface to no practical benefit (especially since you can technically still switch to a root account with “sudo - i” even if you’re going the sudo route).
Fair enough. Although technically the system works without that. Just not for long maybe?
I mean it’s Debian, it’s stable, it should work without ever updating your system :P
(though one could always log in as root in a separate session, too…)