Very Computer

I have Debian distribution of Linux installed, but I forgot my root
password, could anyone tell me how I can get root access back? Thanks.
Yong

Quote:>I have Debian distribution of Linux installed, but I forgot my root
>password, could anyone tell me how I can get root access back? Thanks.

--

-Evan
------------
"Give people the outline, and they should say [sickly sweet voice, babytalk
almost] 'Ooh, what a cuddly penguin, I bet he is just _stuffed_ with
herring', and small children will jump up and down and scream 'mommy mommy,
can I have one too?'."
-- Linus Torvalds, describing what the Linux penguin should look like

Some people have told me they don't think a fat penguin really embodies the
grace of Linux, which just tells me they have never seen a angry penguin
charging at them in excess of 100mph. They'd be a lot more careful about
what they say if they had.
-- Linus Torvalds

Try this: boot Linux from floppy (do you have a boot/root floppy ? take a
look at bootdisk HOWTO) and login as root (in the floppy root filesystem),
then mount your hard disk (where password's file is installed) under a
directory on your floppy filesystem. Now you are able to access to passwd
file on the HD filesystem. Edit the file /etc/passwd removing the encrypted
password from the root user and save it. Remove the floppy and reboot: now
the root has no password so you can login simply with username"root"  and no
password.

Good luck
Stefano

: >I have Debian distribution of Linux installed, but I forgot my root
: >password, could anyone tell me how I can get root access back? Thanks.
:
: You can't...

Either Evan is assuming you don't have an alternate boot device, or else
Debian has gone way off-mainstream since I last checked.  Assuming you have
a standard floopy drive and boot disk (or a way to make one), just use that.

cheers
jg

p.s. followsup culled severely.

--
"don't listen when you're told about the best days in your life     Spirit of
 a useless old expression, it means passing time until you die."     the West
 /\\//\\//\\//\\//\\//\\//\\//\\//\\//\\//\\//\\//\\//\\//\\//\\//\\//\\//\\/

--
Vive Macintosh, all hail OS/2, Long live the Amiga, UNIX forever, umm,
and all the other systems I didn't mention. We all compute differently,
get over it.                                          Jeremy Crabtree

- Ben

--
Ben Sandler
email me: sandler at ymail dot yu dot edu

"Windows is an operating system, not a religion."
- Ted Waitt, chairman of Gateway

Quote:>Either Evan is assuming you don't have an alternate boot device, or else
>Debian has gone way off-mainstream since I last checked.  Assuming you have
>a standard floopy drive and boot disk (or a way to make one), just use

True enough... I should really check these things before I reply to them...
;-)

--

-Evan
------------
"Give people the outline, and they should say [sickly sweet voice, babytalk
almost] 'Ooh, what a cuddly penguin, I bet he is just _stuffed_ with
herring', and small children will jump up and down and scream 'mommy mommy,
can I have one too?'."
-- Linus Torvalds, describing what the Linux penguin should look like

Some people have told me they don't think a fat penguin really embodies the
grace of Linux, which just tells me they have never seen a angry penguin
charging at them in excess of 100mph. They'd be a lot more careful about
what they say if they had.
-- Linus Torvalds

~BR

Quote:

>  Ok, so isn't this a bit of a security problem??? Is there any way to stop
>someone from re-booting my Linux box like this and changing my root
>password?? Of course I would probably be more worried about them breaking
>into my house to get to my Linux box.  But if you have a Linux machine
>somewhere where a person could do this, could you stop it?

>~BR

restricted
password=your_password

to /etc/lilo.conf in the stanza that boots your Linux box, run lilo,
and when someone tries to boot LILO with "linux single", or any other
option to that stanza, LILO will ask for a password.

This even works with MS-DOS and other OS partitions.  (I have a Linux box
which I installed from CD, which doesn't even have a floppy drive in it,
so I have it password protected, and the case locked.  This will keep out
the midly curious, but anyone with any real intent can still pry the case
open, zap the NVRAM, stick a floppy drive, and boot.  You can use TCFS, to
encrypt your data, but I digress.)

The lilo man page is quite terse, but the docs that come with LILO explain
this in much greater detail (the LILO password protection).

Attack 1: Use boot option "single"
Protection: Add a password to /etc/lilo.config. Then LILO will ask for a
password when it sees an additional parameter to a boot image (see man lilo
for details)

Attack 2: Boot with a boot/root floppy
Protection a: disable boot from floppy in the BIOS

Attack 3a: re-enable boot from floppy in the BIOS
Protection: protect the BIOS with a password

Attack 4a: reset the BIOS to default values
Protection: this attack requires opening the case, so lock it with a pad
lock or place an armed guard next to it.

Protection 2b: remove the floppy drive

Attack 3b: put the floppy drive back
Protection: same as 4a

Attack: open the case, remove the HD, and hook it up to another computer
Protection: see 4a

Baseline: If you have physical access to the computer, then you can do
everything and no software can prevent it.

jue
--
Jrgen Exner; jurgenex AT microsoft.com
Sorry for this anti-spam inconvenience

Torben

From what I can see, exploiting suid requires constructing little bits of
machine language and dropping them some place *real* particular.

I daresay that *my* intent is "strictly honourable;" to understand the
system better.  (On my systems, I obviously already have root access.  I
hardly need a hack for that.) That obviously isn't necessarily true for all
the possible gentle readers.

--
Those who do not understand Unix are condemned to reinvent it, poorly.  
-- Henry Spencer          <http://www.hex.net/~cbbrowne/lsf.html>

Quote:> Ok, so isn't this a bit of a security problem??? Is there any
> way to stop someone from re-booting my Linux box like this
> and changing my root password?? Of course I would probably be
> more worried about them  breaking into my house to get to my
> Linux box.  But if you have a Linux  machine  somewhere where
> a person could do this, could you stop it?  Physical access
> to the machine is the problem, and if it is possible, all other
> security measures become superfluous.

  Anyways - scroll back and find my post w/ the slide program. Then
you won't have to worry about forgetting your root passwd.

-Jae

Quote:>  Ok, so isn't this a bit of a security problem???

Dave Cook