On Mon, Jan 19, 2004 at 01:33:27PM +0100, konf wrote: > during the installation of debian testing/unstable i missed menu > offering to set root password.how should i login to the system?is the (1) When (re-)configuring a system, have a paper notebook handy. Unless you have an infaliable memory, this is a paramount. > any default password for root set by installation? (2) At the kernel command line, add ``init=/bin/sh'' at the end. This should boot the sh(1) shell just after the kernel is booted, circumventing any security measures. Depending on your setup, you might have to boot off a rescue/install disk in order to get a bootloader prompt. (3) at the shell prompt, mount the filesystem carrying /etc/shadow for write access: ``mount -o remount,rw /'' (4) call the password alteration command: ``passwd''; change the password. (5) unmount, so that you won't get fs corruption: ``mount -o remount,ro /'' (6) just to be sure the data are really written: ``sync'' and wait a while (7) reboot I hope I didn't miss anything, I'm writing this off of the top of my head ;-) You can see, there is not much to the Unix security if the attacker can mess with the bootup process. Restricting physical access, and/or setting up bootup/bootloader passwords is a necessity when security is an issue. HTH, Jan. -- Jan Minar "Please don't CC me, I'm subscribed." x 9
Attachment:
pgpr9cXTsb1JC.pgp
Description: PGP signature