Locks the root account password to prevent password-based root logins.
Note
This does not remove administrative access for users who already have valid sudo privileges. Users may still be able to gain a root shell through tools such as sudo su or sudo -i.
- Bash 4.0 or newer
- Root privileges
usermod
From the repository root:
sudo ./hardening/Root\ Locker/root-locker.bashOR from the script directory:
sudo ./root-locker.bashCheck the root account state with:
sudo passwd -S rootThe second field in the output shows the account status. L means the password is locked.
You can also confirm sudo access from a non-root administrative account:
sudo -v- Ubuntu 24.04, 22.04, 20.04
- Debian 11, 10, 9
See CHANGELOG.md.