VPS Hosting and Root Access

I have a fairly poor knowledge of * nix virtualization capabilities and try to clarify one thing. If you have root on the host machine, does this always mean that it has root on all virtual machines on that host? If so, can there be a dummy setup where it is not?

I ask why I heard two different answers to this question from two different administrators. One said that he has a root for everything, the other claimed that he does not, and he needs my password.

Share your experience with VPS hosting providers, do they have roots in your environment?


It's not that I'm afraid to lose data, I just want to have some ideas and words for google for ;-) Thanks everyone!
+2
source share
6 answers

Ultimately, root on the VM host is the same as physical access to a regular machine. They cannot just “log in” to the virtual machine as root (well, you can with some virtualization technologies such as OpenVZ), but they can get into the VM file system, change the root password (or set something to capture the password) and go from there.

You should have exactly the same trust in your VPS hosting provider as in your colo provider, because they have exactly the same level of access and the ability to do bad things to your service.

+3
source

For VPS providers that use Virtuozzo, which is based on OpenVZ, the root of the host has access to the entire file system (even the guest). And with a simple command like

  vzctl enter <VM_ID> 

They get roots and can pretty much do whatever they like.

I agree to the trust mentioned by womble.

+3
source

In vps hosting or simple vps, they provide you with an interface in which you can control your vps and have some options, such as rebooting, shutting down, setting windows. It depends on the company you are buying from. You have almost root access to your vps, just open the putty and connect to vps by providing a vps ip address and ready to go

+2
source

You seem a little confused about how virtualization works. Think about whether your question was as follows:

"If I let someone sit on my computer, do they have root privileges?"

A virtual machine is simply an image that "represents" this machine. This is not fundamentally different from the fact that you had your own physical machine managed by a hosting provider.

One exception may depend on the installation process of the provider. They ask you for the initial root password to configure your VPS? If so, they can record it, but as soon as you first enter your environment, if you change it, they will no longer know about it.

+1
source
  • If you change your root password and don’t give it to anyone, you can log in as root.

  • If someone had their own root password, it is very difficult (almost impossible) to know that they do not place any backdoor on the system to allow them to restore privileges by any number of mechanisms. This “someone” may be your host’s technology, which sets up your VPS or someone else, for that matter.

  • Just because someone has a root password for the host does not mean that you have a root password for your virtual machine. However, most likely, this means that they can do something unpleasant for you in all forms (changing the contents of your file system ... presumably, they could even be broken a bit to change the root password to what they know) .

-1
source

MySQL is a database management system that allows you to manage relative databases. MySQL is open source software that any user can access for free. And also you can change the MySQL source code to meet all your requirements. The root password for MySQL allows the root user to have full access to MySQL information. To do this, you need to have Linux root privileges or a Windows administrator to access the VPS hosting, a dedicated or cloud server, to reset the MySQL root password, and this password allows access to the server.

-3
source

Source: https://habr.com/ru/post/1403953/


All Articles