On 12.12.20 15:18, Alex Mestiashvili wrote:
Not sure is that was already answered, since I lost track of the thread.
But resetting the root password is just matter of booting with root
partition it rw mode and init=/bin/bash isn't?
It is not even required to mount your disk from other hardware. Simply
boot to the grub menu and set this boot parameter:
init=/sbin/sulogin --force
As long as someone has physical access to the Debian carrying disk, you
can always break into the system! In this case for restoring your access
options, but of course in other cases this could also be used for evil
things.
In order to prevent the evil access option you need to activated disk
encryption. To my knowledge this cannot be bypassed as easily as simply
gaining root access on an unencrypted system. But of course, if you now
forget your decryption passphrase, then your system is gone for ever,
also no more accessible by mounting the disk in another system. If you
now would have a problem with the root password or sudo setup, you would
for sure still need the disk decryption passphrase, and only afterwards
could help yourself with the mentioned boot parameter.
Best wishes, Marco.