#Linux devices have a unique identifier called machine-id. Here is how to change it.
Posted on February 24, 2021
What is a machine-id, and why should you randomize it? From the machine-id man pages, it is defined as:
In an effort to promote privacy, having a unique and unchanging identifier tied to your device seems like the wrong approach. It’s quite possible that poorly coded or even maliciously coded software could fetch this ID from your system. Let’s make sure that even if that does happen, that the value is constantly changing so that your device can not be uniquely identified as your device.
This is an incredibly simple and quick adjustment to your default Linux system. What we’re doing is showing you how to either adjust this value manually by hand, or by running a cronjob to change this value every minute with a new, randomized value.
Before we begin, a disclaimer: We’ve tested this on our own work desktops and development environments and I’ve tested it on my daily driver desktop. We have not found that anything has ‘broken’ because of this, but this is untested in many environments and may not be suitable for your use. It’s always reversible if you later wish to continue with a single, uniquely identifying ID attached to your device(s).
Debian / Ubuntu systems
To check your machine-id, open up your terminal and enter the following:
The output should look a little something like this:
You’ll note that this value is also stored in /var/lib/dbus/machine-id and that a symlink between the two exist. Any change to one file, will be reflected in the other.
If you reboot your device, you’ll notice that this value remains unchanged. So, let’s change it ourselves!
Method 1: Manually.
Method 2 is automatically, every minute, as ran by a cron-job. If you don’t want to fully commit to that, you can change your machine-id by hand manually whenever you feel like it.
Step 1, remove the old machine-id file.
Step 2, recreate the machine-id file.
Step 3, confirm that /etc/machine-id (and /var/lib/dbus/machine-id) now show a new value, different from the original.
That’s it! You should see two lines in your output with matching IDs that differ from the original machine-id you had in the beginning.
You’ve changed your device’s uniquely identifying machine-id. This change will survive device reboots and will remain the same until you create a new one.
Method 2: Changing every 1 minute, automatically.
If the above didn’t satisfy your needs, than feel free to automate the creation of a new machine-id by creating a cronjob entry that will generate a new ID every minute.
Step 1, open up your crontab file.
Step 2, enter at the bottom of the file the following:
Save and Exit.
Step 3, wait a minute and confirm that your machine-id value has changed:
You should see two new matching values, that differs from the original value you had at the start. Wait a minute and run the step 3 command again, and you’ll see that these values have changed.
Posted on February 24, 2021
What is a machine-id, and why should you randomize it? From the machine-id man pages, it is defined as:
This ID uniquely identifies the host. It should be considered “confidential”, and must not be exposed in untrusted environments, in particular on the network. If a stable unique identifier that is tied to the machine is needed for some application, the machine ID or any part of it must not be used directly.
https://www.man7.org/linux/man-pages/man5/machine-id.5.html
In an effort to promote privacy, having a unique and unchanging identifier tied to your device seems like the wrong approach. It’s quite possible that poorly coded or even maliciously coded software could fetch this ID from your system. Let’s make sure that even if that does happen, that the value is constantly changing so that your device can not be uniquely identified as your device.
This is an incredibly simple and quick adjustment to your default Linux system. What we’re doing is showing you how to either adjust this value manually by hand, or by running a cronjob to change this value every minute with a new, randomized value.
Before we begin, a disclaimer: We’ve tested this on our own work desktops and development environments and I’ve tested it on my daily driver desktop. We have not found that anything has ‘broken’ because of this, but this is untested in many environments and may not be suitable for your use. It’s always reversible if you later wish to continue with a single, uniquely identifying ID attached to your device(s).
Debian / Ubuntu systems
To check your machine-id, open up your terminal and enter the following:
cat /etc/machine-id The output should look a little something like this:
a9976154f0084a3782892638656ad9fd You’ll note that this value is also stored in /var/lib/dbus/machine-id and that a symlink between the two exist. Any change to one file, will be reflected in the other.
me@virtbox-testing:~$ cat /etc/machine-id a9976154f0084a3782892638656ad9fd me@virtbox-testing:~$ cat /var/lib/dbus/machine-id a9976154f0084a3782892638656ad9fd If you reboot your device, you’ll notice that this value remains unchanged. So, let’s change it ourselves!
Method 1: Manually.
Method 2 is automatically, every minute, as ran by a cron-job. If you don’t want to fully commit to that, you can change your machine-id by hand manually whenever you feel like it.
Step 1, remove the old machine-id file.
sudo rm /etc/machine-id Step 2, recreate the machine-id file.
sudo systemd-machine-id-setup Step 3, confirm that /etc/machine-id (and /var/lib/dbus/machine-id) now show a new value, different from the original.
cat /etc/machine-id && cat /var/lib/dbus/machine-id That’s it! You should see two lines in your output with matching IDs that differ from the original machine-id you had in the beginning.
me@virtbox-testing:~$ cat /etc/machine-id && cat /var/lib/dbus/machine-id a78badce3e73beced163bbef7e55232a a78badce3e73beced163bbef7e55232a You’ve changed your device’s uniquely identifying machine-id. This change will survive device reboots and will remain the same until you create a new one.
Method 2: Changing every 1 minute, automatically.
If the above didn’t satisfy your needs, than feel free to automate the creation of a new machine-id by creating a cronjob entry that will generate a new ID every minute.
Step 1, open up your crontab file.
sudo crontab -e Step 2, enter at the bottom of the file the following:
*/1 * * * * sudo rm /etc/machine-id && sudo systemd-machine-id-setup Save and Exit.
Step 3, wait a minute and confirm that your machine-id value has changed:
cat /etc/machine-id && cat /var/lib/dbus/machine-id You should see two new matching values, that differs from the original value you had at the start. Wait a minute and run the step 3 command again, and you’ll see that these values have changed.