[lug] Re: linux

bdoctor at ps-ax.com bdoctor at ps-ax.com
Mon Jun 18 23:36:13 MDT 2001


It isn't as bad as it sounds, really, in fact with nearly every *nix, this
is the preferred method to recover the root password.  Remember that with 
*nixes, everything is a file, thus if you have access to the file system,
you can do whatever you need to do, and physical access gives you many more
options.  Boot from the cdrom, mount the FS containing the /etc directory,
edit /etc/passwd|shadow|etc., reboot and off you go.

It isn't really possible to do it remotely, because first you would need the
proper boot image in the machine (cdrom or otherwise) and then you would need
console access, since it will not come up with an IP address, so all in all,
this is fairly safe.  If your machine is in an area where physical security is
not a given, then that is another issue.  At the least, it would take two
people to pull it off remotely, and even then you would need a remote console
app, like what Compaq and Dell have, if you the remote person were to do it.


-brad

> So basically, as long as you have physical access to the machine, there is a way
> to reset the root password?  Sounds scary.  Is it possible to do this remotely?
> That's even more scary.
> 



More information about the LUG mailing list