Disable Root Recovery
Mikkel L. Ellertson
mikkel at infinity-ltd.com
Mon Mar 13 18:01:57 UTC 2006
Feris Thia wrote:
> Hi All,
>
> I've heard that root access can be recovered if we forget the password
> or something causes authentication failed. How is that done ?
>
> And if so... I want it to be completely unrecoverable.. How can I do that ?
>
> Thanks,
>
The only way to recover the root password it to do something like a
dictionary or brute force attack on /etc/shadow. What can be done is
to boot the system in the single use mode, or off a rescue CD, and
change the root password.
Ways to prevent it:
Require a password to boot into the single user mode.
Disable boot from anything except the hard drive, and password
protect the BIOS. Also physically protect the machine so that
someone can not remove the hard drive, and place it in another
machine.
Encrypt the hard drive on the machine.
The thing is, if a person has physical access to the machine,
and know what they are doing, they can get the information off
of it sooner or later. All you can do is make it more work then
the information is worth.
Mikkel
--
Do not meddle in the affairs of dragons,
for thou art crunchy and taste good with Ketchup!
More information about the fedora-list
mailing list