Thanks for using Security Onion!
Are you running from the Live environment or did you perform an
installation? If running Live, you should be logged in as
"securityonion" and you should be able to use sudo without being
prompted for password. Since you said that "securityonion" was not in
/etc/passwd, I assume you performed an installation. In that case,
you should be logging in with the user you created in the installer.
You should then be able to use sudo and enter your user password when
prompted.
For more information about sudo, please see:
https://help.ubuntu.com/community/RootSudo
Please let us know whether or not that helps.
Thanks,
--
Doug Burks, GSE, CISSP
President, Greater Augusta ISSA
http://augusta.issa.org
http://securityonion.blogspot.com
The FAQ is correct. There is *no* root password. The root account is
locked. From the link I sent earlier:
"By default, the Root account password is locked in Ubuntu. This means
that you cannot login as Root directly or use the su command to become
the Root user."
You can confirm that there is *no* root password by running the
following command:
sudo grep root /etc/shadow
Notice that the second field is an "x", meaning there is no password
and the account is locked.
For more information, please see:
http://en.wikipedia.org/wiki/Shadow_password
Thanks,
--
Doug Burks, GSE, CISSP
President, Greater Augusta ISSA
http://augusta.issa.org
http://securityonion.blogspot.com
If the root account on your box has a password, you must have set it.
Perhaps you did something like this?
sudo passwd
Or perhaps this?
sudo -i
passwd
Either one of these would have set the password for the root account.
If you would like to lock the root account to return to the default
configuration, you can do this:
sudo passwd -l root
Thanks,
--
Doug Burks, GSE, CISSP
President, Greater Augusta ISSA
http://augusta.issa.org
http://securityonion.blogspot.com
In the future, please open a new thread instead of replying to an old one:
If you are looking to change the password for the Ubuntu user you could do:
sudo passwd user
If you are looking to recover the password for the Ubuntu user, you could do something similar to the following (at console/machine):
https://help.ubuntu.com/community/LostPassword
If you are looking to reset the password for the Security Onion user (Sguil/Squert/ELSA), you could do:
sudo nsm_server_user-passwd
Then specify the name of the user, etc.
Thanks,
Wes