Unlock Root Access in Ubuntu: Enable Default Root Password Securely & Easily

Unlock Root Access in Ubuntu

Enabling the default root password in Ubuntu allows direct root login, providing full system control. This guide walks you through securely unlocking root access while maintaining system security. Learn the essential steps to set a root password, enable root login, and follow best practices to safeguard your system.

By default, Ubuntu disables the root account for security reasons and encourages the use of sudo. However, if you want to enable the root account.

Follow these steps:

Unlock Root Access in Ubuntu: Enable Default Root Password Securely & Easily

Step 1: Set a Root Password

The root account exists but is locked by default. You need to set a password for it.

      sudo passwd root
    

• You will be prompted to enter and confirm a new root password.

Unlock Root Access in Ubuntu: Enable Default Root Password Securely & Easily

Step 2: Switch to Root User

Once the password is set, you can log in as root using:

      su -
    

• Enter the root password you just set.

OR:

      sudo -i
    

• This gives you a root shell without needing to set a password.

Unlock Root Access in Ubuntu: Enable Default Root Password Securely & Easily

Step 3: Allow Root Login via SSH (Optional)

If you want to allow root login over SSH, edit the SSH configuration file:

      sudo nano /etc/ssh/sshd_config
    

Find the line:

      PermitRootLogin prohibit-password
    

#Port 22
#AddressFamily any
#ListenAddress 0.0.0.0
#ListenAddress ::

#HostKey /etc/ssh/ssh_host_rsa_key
#HostKey /etc/ssh/ssh_host_ecdsa_key
#HostKey /etc/ssh/ssh_host_ed25519_key

# Ciphers and keying
#RekeyLimit default none

# Logging
#SyslogFacility AUTH
#LogLevel INFO

# Authentication:

#LoginGraceTime 2m
PermitRootLogin prohibit-password
#StrictModes yes
#MaxAuthTries 6
#MaxSessions 10

#PubkeyAuthentication yes

# Expect .ssh/authorized_keys2 to be disregarded by default in future.
#AuthorizedKeysFile     .ssh/authorized_keys .ssh/authorized_keys2

Change it to:

      PermitRootLogin yes
    

#Port 22
#AddressFamily any
#ListenAddress 0.0.0.0
#ListenAddress ::

#HostKey /etc/ssh/ssh_host_rsa_key
#HostKey /etc/ssh/ssh_host_ecdsa_key
#HostKey /etc/ssh/ssh_host_ed25519_key

# Ciphers and keying
#RekeyLimit default none

# Logging
#SyslogFacility AUTH
#LogLevel INFO

# Authentication:

#LoginGraceTime 2m
PermitRootLogin yes
#StrictModes yes
#MaxAuthTries 6
#MaxSessions 10

#PubkeyAuthentication yes

# Expect .ssh/authorized_keys2 to be disregarded by default in future.
#AuthorizedKeysFile     .ssh/authorized_keys .ssh/authorized_keys2

Save the file (Ctrl + X, then Y and Enter), and restart SSH:

      sudo systemctl restart ssh
    

Check the SSH status:

      sudo systemctl status ssh
    

root@SG-EVE-NG-PRO:~# sudo systemctl status ssh
● ssh.service - OpenBSD Secure Shell server
     Loaded: loaded (/lib/systemd/system/ssh.service; enabled; vendor preset: enabled)
     Active: active (running) since Sun 2025-03-02 09:55:41 UTC; 56min ago
       Docs: man:sshd(8)
             man:sshd_config(5)
   Main PID: 2234 (sshd)
      Tasks: 1 (limit: 115612)
     Memory: 5.5M
        CPU: 58ms
     CGroup: /system.slice/ssh.service
             └─2234 "sshd: /usr/sbin/sshd -D [listener] 0 of 10-100 startups"

Mar 02 09:55:41 SG-EVE-NG-PRO systemd[1]: Starting OpenBSD Secure Shell server...
Mar 02 09:55:41 SG-EVE-NG-PRO sshd[2234]: Server listening on 0.0.0.0 port 22.
Mar 02 09:55:41 SG-EVE-NG-PRO sshd[2234]: Server listening on :: port 22.
Mar 02 09:55:41 SG-EVE-NG-PRO systemd[1]: Started OpenBSD Secure Shell server.
Mar 02 10:47:12 SG-EVE-NG-PRO sshd[131170]: Accepted password for root from 192.168.21.119 port 51776 ssh2
Mar 02 10:47:12 SG-EVE-NG-PRO sshd[131170]: pam_unix(sshd:session): session opened for user root(uid=0) by (uid=0)

Unlock Root Access in Ubuntu: Enable Default Root Password Securely & Easily

Step 4: Verify Root Access

Check if you can switch to root:

      su -
    

      whoami
    

It should return:

      root
    

Unlock Root Access in Ubuntu: Enable Default Root Password Securely & Easily

Step 5: (Optional) Disable Root Login Again for Security

If you no longer need root login, you can disable it by locking the password:

      sudo passwd -l root
    

This prevents direct root login while still allowing sudo access.

Unlock Root Access in Ubuntu: Enable Default Root Password Securely & Easily

Best Practices for Security

• Instead of using root, it’s better to use sudo:

      sudo -s
    

• If you must use root, ensure SSH root login is disabled unless necessary.
• Use key-based authentication instead of passwords for SSH.

Unlock Root Access in Ubuntu: Enable Default Root Password Securely & Easily

Conclusion

Enabling the default root password in Ubuntu allows direct root login, providing full system control. This guide walks you through securely unlocking root access while maintaining system security. Learn the essential steps to set a root password, enable root login, and follow best practices to safeguard your system.

Unlock Root Access in Ubuntu: Enable Default Root Password Securely & Easily

Useful Links

https://ubuntu.com/tutorials

https://sanchitgurukul.com/tutorials-cat

Unlock Root Access in Ubuntu: Enable Default Root Password Securely & Easily

This article provided insights on the topic. For latest updates and detailed guides, stay connected with Sanchit Gurukul.