This page is specific to Ubuntu versions 8.04, 8.10, 9.04, 9.10, 10.04, 10.10 and 12.04
If you find this information applicable to additional versions/releases, please edit this page and modify this header to reflect that. Please also include any necessary modifications for this information to apply to the additional versions.
NOTE: Please use this page as a reference for other pages instead of simply copying the code.
Create admin account
By default in Ubuntu (server and chroot filesystems), the 'root' account is locked and users are advised to use 'sudo' to perform administrative tasks. This is a good idea.
This page is dedicated to creating an administrative user account in the LTSP client chroot environment.
To become root, the adminname user only needs to:
sudo -s -H
Create an adminname account inside the chroot:
- NOTE: When you will execute the visudo step (see instructions below) add to end of /etc/sudoers file:
# Members of the sudo group may gain root privileges %sudo ALL=(ALL) ALL
sudo -s -H chroot /opt/ltsp/i386 useradd -m adminname -G sudo passwd adminname visudo exit exit
- Lastly, update the client image to reflect the changes we just made:
- Alternatively, if you have a 64-bit server and 32-bit thin clients, use this command instead, both this time and throughout the rest of this page.
sudo ltsp-update-image --arch i386
How to 'lock' the account
sudo chroot /opt/ltsp/i386 passwd -l adminname sudo ltsp-update-image
How to 'unlock' the account
sudo chroot /opt/ltsp/i386 passwd -u adminname sudo ltsp-update-image
Additional security measure
Disable root login by editing sshd_config
sudo vi /opt/ltsp/i386/etc/ssh/sshd_config
Change PermitRootLogin to no:
Maybe add a security Banner
#Banner /etc/issue.net Banner /etc/ssh/warning
Then create the warning file:
sudo vi /opt/ltsp/i386/etc/ssh/warning
*** WARNING *** THIS SYSTEM IS RESTRICTED TO AUTHORIZED USERS FOR AUTHORIZED USE ONLY.