What I should do with System generated root access password

August 1, 2016 2.3k views
Configuration Management Deployment Server Optimization WordPress

Hi, I am using SSH key to login my droplet. Recently I migrated the droplet to a new datacenter. When I created a droplet from snapshot, in the welcome email, there was a root access password. But access to my droplet is enabled through SSH Key. So, what i should do with this system generated root access password. Should I ignore it or what ?

3 Answers

Well, I personally would lock the root account and add another account with sudo priviledges, block ssh as root and just use the SSH key.

Rendering the original root password useless :)

  • How to lock root account? Do you have any tutorial?

    • To lock the root account you run:

      sudo passwd -l root

      and you're done, make sure to have a user than can sudo before or you are locked out :-)

Before running the command, take a snapshot.

Have another answer? Share your knowledge.