Mailinglist Archive: opensuse-security (297 mails)
| < Previous | Next > |
Re: [suse-security] password recovery
- From: Rikard Johnels <rikjoh@xxxxxxxxx>
- Date: Mon, 26 Jul 2004 12:58:14 +0200
- Message-id: <200407261258.14856.rikjoh@xxxxxxxxx>
On Monday 26 July 2004 11.01, Tom Knight wrote:
> > > > On Sunday 25 July 2004 18.44, Antun Balaz wrote:
> > > >>And what if the filesystem is encrypted?
> > >
> > > -----------8<------------
> > >
> > > > Mount it the usual way for encrypted systems. I dont use it so i cant
> > > > tell you how. The actual filesystem isnt relevant. As long as you can
> > > > access it ok. Just mount it rw and chroot into it.
> > >
> > > But if the FS is encrypted with the root-PW
> > > you`ve got _real_ trouble.
> >
> > Correct me if I'm wrong but I'd say "In that case you are cooked!!"
> >
> > Not that i know much of encrypted FS's, but id say you are pretty lost by
> > then. Unless you can brutecrack the encryption with some forensics
> > software...
>
> Start looking for post-it notes near the console....
>
> Tom.
LOL! Well unfortunately that IS a relevant observation...
(Been there, done that, trashed the user badly for compromising the security)
But all jokes aside.
If you DON'T know the password for the encryption, i think you are lost...
--
/Rikard
------------------------------------------------------------------------------------
Rikard Johnels email : rikjoh@xxxxxxxxx
Web : http://www.rikjoh.com
Mob : +46 735 05 51 01
------------------------ Public PGP fingerprint ----------------------------
< 15 28 DF 78 67 98 B2 16 1F D3 FD C5 59 D4 B6 78 46 1C EE 56 >
> > > > On Sunday 25 July 2004 18.44, Antun Balaz wrote:
> > > >>And what if the filesystem is encrypted?
> > >
> > > -----------8<------------
> > >
> > > > Mount it the usual way for encrypted systems. I dont use it so i cant
> > > > tell you how. The actual filesystem isnt relevant. As long as you can
> > > > access it ok. Just mount it rw and chroot into it.
> > >
> > > But if the FS is encrypted with the root-PW
> > > you`ve got _real_ trouble.
> >
> > Correct me if I'm wrong but I'd say "In that case you are cooked!!"
> >
> > Not that i know much of encrypted FS's, but id say you are pretty lost by
> > then. Unless you can brutecrack the encryption with some forensics
> > software...
>
> Start looking for post-it notes near the console....
>
> Tom.
LOL! Well unfortunately that IS a relevant observation...
(Been there, done that, trashed the user badly for compromising the security)
But all jokes aside.
If you DON'T know the password for the encryption, i think you are lost...
--
/Rikard
------------------------------------------------------------------------------------
Rikard Johnels email : rikjoh@xxxxxxxxx
Web : http://www.rikjoh.com
Mob : +46 735 05 51 01
------------------------ Public PGP fingerprint ----------------------------
< 15 28 DF 78 67 98 B2 16 1F D3 FD C5 59 D4 B6 78 46 1C EE 56 >
| < Previous | Next > |