SSH

Uno Engborg uno at webworks.se
Fri Dec 9 04:07:10 UTC 2005


Danny Terweij - Net Tuning | Net wrote:

>From: "Terry Polzin" <fox3ec208 at wideopenwest.com>
>
>
>  
>
>>I'd boot into rescue mode and vi the /etc/shadow file and remove the
>>    
>>
>passwords
>  
>
>>then reboot normal.  The accounts will then have no password and then you
>>could generate your own passwords.
>>    
>>
>
>
>Eeks!. I thought linux was better then windows with passwords security.
>
>So when your laptop/server/pc is stolen all they have to do is this and gets
>full access as root with no pass?
>
>Next question, how to prevent this ?
>
>Danny.
>
>  
>
You could password protect grub,  and make sure that you set you bios to 
only boot
from your hard drive and then password protect bios too.  Use different 
passwords for
bios, grub and root.

That would slow intruders down a bit, but if they really want to access 
your data,
they could put the disk into another computer and access the information.
To prevent that, you need to encrypt your data, perhaps using an 
encrypting file system.

To make it harder, to remove or replace your disk without you knowing 
it, you could
try to super glue the disk to your computer and/or destroy the heads of 
the screws that
attaches it so that it can't be removed without breaking the equippment. 
The disadvantage
is of course that you won't be able to replace it if it breaks. You 
should also make sure
that it doesn't prevent cooling of the device.

The best way to stay safe, is not keep your computer attended, at all times.


Regards
Uno Engborg

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/fedora-list/attachments/20051209/b01ab721/attachment-0001.htm>


More information about the fedora-list mailing list