
Re: access the cleartext root password during installation



On Tue, May 18, 2010 at 09:37:56AM +0200, Finn-Arne Johansen wrote:
> On 05/15/2010 05:43 PM, Andreas B. Mundt wrote:
>> Hi,
>> So my question is: Can I, by any means, access the root password
>> entered at the beginning of the installation at a later stage of the
>> installation process in clear text?
>>
>> Alternative ideas or solutions are of course welcome.
>
> Is it possible to create an udeb (or use debian-edu-*udeb) to ask for
> the main password, store it in cleartext, preseed the root password,
> then remove the cleartext password at the end of the installation.

I suspect that to be a dangerous approach: In effect this would duplicate (albeit hashed) the original root password which will *not* change if the original root password is later changed.

I do not find it uncommon to use a quick'n'dirty password at install time and then tighten security later. With this approach the too weak, temporary, initial password would silently become a weak backdoor into the system.

I certainly hope that no similar approach is in use today already!


Kind regards,

 - Jonas

--
 * Jonas Smedegaard - idealist & Internet-arkitekt
 * Tlf.: +45 40843136  Website: http://dr.jones.dk/

 [x] quote me freely  [ ] ask before reusing  [ ] keep private
