I have got rather poor understanding of *nix virtualization abilities and seeking to clarify one factor. If a person has root on host machine, will it always imply that he's root on all VMs of this host? If so, then could there be considered a bogus setup where this isn't true?

I am asking cause I heard two different solutions to that particular question from two different admins. One stated he has root to everything, another stated he don't and that he needs my password.

Please share your knowledge about VPS hosting companies, have they got roots for your atmosphere?


It isn't that I am afraid to get rid of the information, would like to possess some experience and words to google for -) Thanks everybody!

Ultimately, getting root around the VM host is equivalent to getting physical use of a normal machine. They cannot just "login" towards the VM as root (well, you are able to with a few virtualisation technologies like OpenVZ) however they could possibly get in to the VM's filesystem, alter the root password (or install something to capture the password) and range from there.

You must have the identical rely upon your VPS hosting company while you use your colo provider, simply because they have the identical degree of access and capability to do bad items to your merchandise.

For VPS companies who use Virtuozzo which is dependant on OpenVZ, the main from the host does have the whole filesystem (the guest's). With an easy command like

vzctl enter <VM_ID>

They gain root and may virtually do anything whatsoever that like.

To be sure about trust pointed out by womble.

You appear just a little unclear about how virtualization works. Determine that your question was the next:

"Basically let someone sit lower inside my computer, have they got root access?"

An online machine is essentially just a picture that "signifies" that machine. It's conceptually the same as should you have had your personal physical machine controlled through the host company.

One exception might be determined by the provider's setup process. Will they request you to have an initial root password to setup your VPS with? If that's the case, they might record that, but when you log to your atmosphere the very first time, should you change it out they ought to no more have understanding from it.

  1. Should you improve your root password and do not create it for anybody, you're the only one that will sign in as root.

  2. If a person has ever endured your root password, it's very hard (dang near impossible) to understand they did not place some type of backdoor around the system to enable them to restore rights by a variety of systems. That "someone" may be the tech at the host that setup your VPS, or other people, for your matter.

  3. Simply because someone has got the root password towards the host, does not necessarily mean they've the main password for your virtual machine - however, it in all probability entails they could do mean, nasty items to you in a myriad of shateringly creative ways (altering the items in your filesystem...most probably they might even bit-mangle enough to modify your root password to something they are doing know.)