RE: [SLE] Lost my root password
You bring up a good issue though.. If you lose a password and reset it, isn't that a security hole? how can you stop someone from resetting or changing the root password ... thanks JJ -----Original Message----- From: William Dulyea [SMTP:wdulyea@qualcomm.com] Sent: Tuesday, May 28, 2002 5:05 PM To: tabanna@aig.forthnet.gr; suse-linux-e@suse.com Subject: Re: [SLE] Lost my root password Thanks to everyone that replied. -William At 05:57 PM 5/28/2002 +0000, tabanna wrote:
On Tue, 28 May 2002, William Dulyea wrote:
Over the weekend I was helping my brother
someone who knows, wrote, the other day :- ___________________
Yeah, boot the system with the floppy and choose to start the rescue system. (There are alot of ways to do this, some like the cdrom rescue boot) So boot up, it will say "Yomamma" or "Rescue", and you won't have to have a password. Then say your / partition is /dev/hda3, do mount -t ext2 /dev/hda3 /mnt (use reiserfs if required) then vi /mnt/etc/shadow and find the root entry and delete everything between the first 2 colons after the root entry. When done it should look like root::100112:......... JUST MAKE THE FIRST 2 COLONS ADJACENT hit : w to write and exit vi reboot, and you will get a root prompt but not need a password. You're back.......just enter passwd to set a new root passwd and then change all user passwords back to something you remember. ...................
best wishes
____________
sent on Linux
____________
-- To unsubscribe send e-mail to suse-linux-e-unsubscribe@suse.com For additional commands send e-mail to suse-linux-e-help@suse.com Also check the archives at http://lists.suse.com
-- To unsubscribe send e-mail to suse-linux-e-unsubscribe@suse.com For additional commands send e-mail to suse-linux-e-help@suse.com Also check the archives at http://lists.suse.com
* Jon San Juan (j_sanjuan@ivchd.com) [020528 20:05]:
You bring up a good issue though.. If you lose a password and reset it, isn't that a security hole? how can you stop someone from resetting or changing the root password ...
If someone has physical access to the machine you've already lost. Even if you could prevent them from booting with 'init=/bin/sh' or whatever, they could just steal the disk out of the machine. -- -ckm
On Tue, May 28, 2002 at 09:27:22PM -0700, Christopher Mahmood wrote:
* Jon San Juan (j_sanjuan@ivchd.com) [020528 20:05]:
You bring up a good issue though.. If you lose a password and reset it, isn't that a security hole? how can you stop someone from resetting or changing the root password ...
If someone has physical access to the machine you've already lost. Even if you could prevent them from booting with 'init=/bin/sh' or whatever, they could just steal the disk out of the machine.
If you use an encrypted file system, and had your important data there, you could prevent loss of that data, even if an attacker had your disk and root access. To make it harder to break into your machine, if you think someone may get to it physically, you can also set up a BIOS password and password protect LILO. Best Regards, Keith -- LPIC-2, MCSE, N+ Got spam? Get spastic http://spastic.sourceforge.net
On Wed, 29 May 2002, Jon San Juan wrote:
isn't that a security hole?
believe, it has been said, that, if person of mal-intent can physically get hands on box, then, it's a gonner. [ to be secure, one would need to keep box in bank vault?] best wishes ____________ sent on Linux ____________
** Reply to message from tabanna
On Tuesday 28 May 2002 10:04 pm, Jon San Juan wrote:
You bring up a good issue though.. If you lose a password and reset it, isn't that a security hole? how can you stop someone from resetting or changing the root password ...
This has been hashed over so many times in so many places... If you can't ensure *physical* security to the computer (i.e. anybody can walk up to it and reboot it off a floppy, etc.), there is no way to ensure data security. Password protected BIOS's, etc. can help, but the only truely secure computer is locked in a room with no cables going to it. -Nick
participants (6)
-
Christopher Mahmood -
jfweber@bellsouth.net -
Jon San Juan -
Keith Winston -
Nick LeRoy -
tabanna