Re: Data security Was: SSH
- From: Craig White <craigwhite@xxxxxxxxxxx>
- Date: Thu, 08 Dec 2005 19:24:04 -0700
On Thu, 2005-12-08 at 21:09 -0500, Leonard Isham wrote:
> On 12/8/05, Danny Terweij - Net Tuning | Net <d.terweij@xxxxxxxxxxxxx> wrote:
> >
> > From: "Terry Polzin" <fox3ec208@xxxxxxxxxxxxxxxx>
> >
> >
> > >I'd boot into rescue mode and vi the /etc/shadow file and remove the
> > passwords
> > >then reboot normal. The accounts will then have no password and then you
> > >could generate your own passwords.
> >
> >
> > Eeks!. I thought linux was better then windows with passwords security.
> >
> > So when your laptop/server/pc is stolen all they have to do is this and gets
> > full access as root with no pass?
> >
> > Next question, how to prevent this ?
> >
>
> Welcome. Now tou know why physical security is a must. Encryption
> with a strong passphrase. There is support for encrytped loopbacks.
> THe options and details are quite lengthy. Google and you will find
> articles and how-to's onthe subject. Also google PGP and GPG
> (http://www.gnupg.org/) for more information.
----
there is the ability to require a boot password for grub but generally,
if you can boot from a cd, you can still access files.
Then of course, you can boot into runlevel 1 instead of 'rescue mode'
and change passwords
Then of course, you probably shouldn't edit /etc/shadow directly but
rather simply issue 'passwd USER_NAME' even in runlevel 1 mode to reset
passwords.
Craig
--
fedora-list mailing list
fedora-list@xxxxxxxxxx
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
- References:
- Data security Was: SSH
- From: Leonard Isham
- Data security Was: SSH
- Prev by Date: Re: SSH
- Next by Date: Re: SSH
- Previous by thread: Data security Was: SSH
- Index(es):
Relevant Pages
|
|
