Disable Root Recovery
tfreeman at intel.digichem.net
tfreeman at intel.digichem.net
Mon Mar 13 18:03:03 UTC 2006
On Tue, 14 Mar 2006, Feris Thia wrote:
> Hi All,
>
> I've heard that root access can be recovered if we forget the password
> or something causes authentication failed. How is that done ?
>
> And if so... I want it to be completely unrecoverable.. How can I do that ?
<<snip>>
I haven't seen a response to this, so I'll take a crack at it and hope
that somebody will chime in when I err.
First off, please be reminded that everything here has exceptions _if_
somebody has the time and money to make the exception, especially if they
physically have the hardware. Should you want to make a computer resistant
to a TLA (Three Letter Agency - ie. US agencies like the CIA, FBA and so
forth, your region of the world probably has similar organizations with
the capabilities), you are almost completely out of luck.
Ok. Recovering root. Boot the computer to single user, and many
configurations will give you the root prompt, from where you can
reestablish a root password.
If that has been forseen, boot the system with another disk (floppy,
cd/dvd and so forth) into single user. If the bios blocks you with a
password protected boot sequence, usually you can short out the bios for a
second and reset the defaults.
Of course, there are further fall back positions from there, but I don't
know most of them I'm sure, and most people don't protect their systems
much harder in my experience.
If you are _sure_ you want to have a highly resistant system, you need to
look into encrypted file systems and such, and somebody else will have to
point you in the correct direction for those. I don't use them.
--
=============================================
If you think Education is expensive
Try Ignorance
Author Unknown
============================================
More information about the fedora-list
mailing list