Rocksolid Light

Welcome to novaBBS (click a section below)

mail  files  register  newsreader  groups  login

Message-ID:  

Linux, the way to get rid of boot viruses -- MaDsen Wikholm, mwikholm@at8.abo.fi


computers / alt.os.linux.mageia / Re: Resetting lost root password

SubjectAuthor
* Resetting lost root passwordGrimble
+* Re: Resetting lost root passwordBit Twister
|+* Re: Resetting lost root passwordWilliam Unruh
||`* Re: Resetting lost root passwordDavid W. Hodgins
|| `* Re: Resetting lost root passwordWilliam Unruh
||  `* Re: Resetting lost root passwordDavid W. Hodgins
||   `* Re: Resetting lost root passwordWilliam Unruh
||    `- Re: Resetting lost root passwordDavid W. Hodgins
|`- Re: Resetting lost root passwordDavid W. Hodgins
`- Re: Resetting lost root passwordGrimble

1
Resetting lost root password

<tb94nv$1ma2e$1@dont-email.me>

 copy mid

https://www.novabbs.com/computers/article-flat.php?id=4992&group=alt.os.linux.mageia#4992

 copy link   Newsgroups: alt.os.linux.mageia
Path: i2pn2.org!i2pn.org!eternal-september.org!reader01.eternal-september.org!.POSTED!not-for-mail
From: grim...@nomail.afraid.org (Grimble)
Newsgroups: alt.os.linux.mageia
Subject: Resetting lost root password
Date: Wed, 20 Jul 2022 15:50:10 +0100
Organization: A noiseless patient Spider
Lines: 9
Message-ID: <tb94nv$1ma2e$1@dont-email.me>
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 7bit
Injection-Date: Wed, 20 Jul 2022 14:50:39 -0000 (UTC)
Injection-Info: reader01.eternal-september.org; posting-host="d93bddad4bc0c48dccabab82758b0502";
logging-data="1779790"; mail-complaints-to="abuse@eternal-september.org"; posting-account="U2FsdGVkX1/5+lvgabd4KsfvCcf+Z3yj"
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:102.0) Gecko/20100101
Thunderbird/102.0.2
Cancel-Lock: sha1:FfNPePOMQ4lP4RZfeF5Vg+jpkwg=
Content-Language: en-GB
 by: Grimble - Wed, 20 Jul 2022 14:50 UTC

I've just had to write instructions to someone to reset root's password
by adding "init=/bin/sh/" to the boot line. Everything worked OK, but
how to resume/reboot, since "shutdown" isn't available? I just switched
off; is there a more elegant exit? ("exit" itself doesn't work either)
--
Grimble
Machine 'Haydn' running Plasma 5.20.4 on 5.15.50-desktop-1.mga8 kernel.
Mageia release 8 (Official) for x86_64

Re: Resetting lost root password

<slrntdgemh.2eaai.BitTwister@wb.home.test>

 copy mid

https://www.novabbs.com/computers/article-flat.php?id=4993&group=alt.os.linux.mageia#4993

 copy link   Newsgroups: alt.os.linux.mageia
Path: i2pn2.org!i2pn.org!eternal-september.org!reader01.eternal-september.org!.POSTED!not-for-mail
From: BitTwis...@mouse-potato.com (Bit Twister)
Newsgroups: alt.os.linux.mageia
Subject: Re: Resetting lost root password
Date: Wed, 20 Jul 2022 12:26:40 -0500
Organization: A noiseless patient Spider
Lines: 18
Message-ID: <slrntdgemh.2eaai.BitTwister@wb.home.test>
References: <tb94nv$1ma2e$1@dont-email.me>
Injection-Info: reader01.eternal-september.org; posting-host="b1f6fc00923f34785ebef146f7e07d8f";
logging-data="1855195"; mail-complaints-to="abuse@eternal-september.org"; posting-account="U2FsdGVkX18yC+8wcv1l6FMjH+C0kpN2ljkBlUhI+TE="
User-Agent: slrn/pre1.0.4-6 (Linux)
Cancel-Lock: sha1:ywdZn1k0SHW04oHBcx8BJieLRXQ=
 by: Bit Twister - Wed, 20 Jul 2022 17:26 UTC

On Wed, 20 Jul 2022 15:50:10 +0100, Grimble wrote:
> I've just had to write instructions to someone to reset root's password
> by adding "init=/bin/sh/" to the boot line.

I thought just adding a space 1 to end of kernel line would boot system to run level 1

> Everything worked OK, but
> how to resume/reboot, since "shutdown" isn't available?

Probably would be available if you were to do a
export PATH=$PATH:/usr/sbin/

or did a /usr/sbin/shutdown

> I just switched
> off; is there a more elegant exit? ("exit" itself doesn't work either)

Use run level 1 next time with shutdown or poweroff.

Re: Resetting lost root password

<tb9fih$1p2vh$1@dont-email.me>

 copy mid

https://www.novabbs.com/computers/article-flat.php?id=4994&group=alt.os.linux.mageia#4994

 copy link   Newsgroups: alt.os.linux.mageia
Path: i2pn2.org!i2pn.org!eternal-september.org!reader01.eternal-september.org!.POSTED!not-for-mail
From: unr...@invalid.ca (William Unruh)
Newsgroups: alt.os.linux.mageia
Subject: Re: Resetting lost root password
Date: Wed, 20 Jul 2022 17:55:29 -0000 (UTC)
Organization: A noiseless patient Spider
Lines: 25
Message-ID: <tb9fih$1p2vh$1@dont-email.me>
References: <tb94nv$1ma2e$1@dont-email.me>
<slrntdgemh.2eaai.BitTwister@wb.home.test>
Injection-Date: Wed, 20 Jul 2022 17:55:29 -0000 (UTC)
Injection-Info: reader01.eternal-september.org; posting-host="c6f69377f0c51246a36baa1d9a556af1";
logging-data="1870833"; mail-complaints-to="abuse@eternal-september.org"; posting-account="U2FsdGVkX18M6a7AKJrEJgSeoVG4fRfO"
User-Agent: slrn/1.0.3 (Linux)
Cancel-Lock: sha1:xEAFPUyiZbQi9YdGOqn/FZrZsJY=
 by: William Unruh - Wed, 20 Jul 2022 17:55 UTC

Doesn't runlevel 1 also ask for a root password when it comes up?

Otherwise any machine on its own would be completely open to someone
hacking in as root.

On 2022-07-20, Bit Twister <BitTwister@mouse-potato.com> wrote:
> On Wed, 20 Jul 2022 15:50:10 +0100, Grimble wrote:
>> I've just had to write instructions to someone to reset root's password
>> by adding "init=/bin/sh/" to the boot line.
>
> I thought just adding a space 1 to end of kernel line would boot system to run level 1
>
>> Everything worked OK, but
>> how to resume/reboot, since "shutdown" isn't available?
>
> Probably would be available if you were to do a
> export PATH=$PATH:/usr/sbin/
>
> or did a /usr/sbin/shutdown
>
>> I just switched
>> off; is there a more elegant exit? ("exit" itself doesn't work either)
>
> Use run level 1 next time with shutdown or poweroff.

Re: Resetting lost root password

<op.1pme6gpva3w0dxdave@hodgins.homeip.net>

 copy mid

https://www.novabbs.com/computers/article-flat.php?id=4995&group=alt.os.linux.mageia#4995

 copy link   Newsgroups: alt.os.linux.mageia
Path: i2pn2.org!i2pn.org!eternal-september.org!reader01.eternal-september.org!.POSTED!not-for-mail
From: dwhodg...@nomail.afraid.org (David W. Hodgins)
Newsgroups: alt.os.linux.mageia
Subject: Re: Resetting lost root password
Date: Wed, 20 Jul 2022 16:00:06 -0400
Organization: A noiseless patient Spider
Lines: 8
Message-ID: <op.1pme6gpva3w0dxdave@hodgins.homeip.net>
References: <tb94nv$1ma2e$1@dont-email.me>
<slrntdgemh.2eaai.BitTwister@wb.home.test> <tb9fih$1p2vh$1@dont-email.me>
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8; format=flowed; delsp=yes
Content-Transfer-Encoding: 8bit
Injection-Info: reader01.eternal-september.org; posting-host="34757a277d69d6d690fb815271c6ca31";
logging-data="1931875"; mail-complaints-to="abuse@eternal-september.org"; posting-account="U2FsdGVkX19G/rdYT0qxuAUnvvNqM7WYPTlWaa5F1B8="
User-Agent: Opera Mail/12.16 (Linux)
Cancel-Lock: sha1:s0bdfuFKKVFNXTcyNpEtU8JL9uY=
 by: David W. Hodgins - Wed, 20 Jul 2022 20:00 UTC

On Wed, 20 Jul 2022 13:55:29 -0400, William Unruh <unruh@invalid.ca> wrote:

> Doesn't runlevel 1 also ask for a root password when it comes up?

Only if you've configured it to ask. The default standard security in msec doesn't
do that. At the secure level or by overriding the ENABLE_SULOGIN setting it does.

Regards, Dave Hodgins

Re: Resetting lost root password

<op.1pme12vja3w0dxdave@hodgins.homeip.net>

 copy mid

https://www.novabbs.com/computers/article-flat.php?id=4996&group=alt.os.linux.mageia#4996

 copy link   Newsgroups: alt.os.linux.mageia
Path: i2pn2.org!i2pn.org!eternal-september.org!reader01.eternal-september.org!.POSTED!not-for-mail
From: dwhodg...@nomail.afraid.org (David W. Hodgins)
Newsgroups: alt.os.linux.mageia
Subject: Re: Resetting lost root password
Date: Wed, 20 Jul 2022 15:57:28 -0400
Organization: A noiseless patient Spider
Lines: 17
Message-ID: <op.1pme12vja3w0dxdave@hodgins.homeip.net>
References: <tb94nv$1ma2e$1@dont-email.me>
<slrntdgemh.2eaai.BitTwister@wb.home.test>
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8; format=flowed; delsp=yes
Content-Transfer-Encoding: 8bit
Injection-Info: reader01.eternal-september.org; posting-host="34757a277d69d6d690fb815271c6ca31";
logging-data="1931875"; mail-complaints-to="abuse@eternal-september.org"; posting-account="U2FsdGVkX19L1bCBTwMkC/JXrF9XI5/bSLVFE71mlrY="
User-Agent: Opera Mail/12.16 (Linux)
Cancel-Lock: sha1:NNZjfSaAW3P4HCywooNU1akHy28=
 by: David W. Hodgins - Wed, 20 Jul 2022 19:57 UTC

On Wed, 20 Jul 2022 13:26:40 -0400, Bit Twister <BitTwister@mouse-potato.com> wrote:
> On Wed, 20 Jul 2022 15:50:10 +0100, Grimble wrote:
>> I've just had to write instructions to someone to reset root's password
>> by adding "init=/bin/sh/" to the boot line.
>
> I thought just adding a space 1 to end of kernel line would boot system to run level 1

Run level 1 on my systems requires the root password.

mcc/Security settings/System security - Enable sulogin. It adds a line to
/etc/inittab with "~~:S:wait:/sbin/sulogin" (Without the quotes). Note those
are two tildes at the start, not hyphens.

The only ways on my system is using a live iso or removing the drive and connecting
it to another system to edit the /etc/shadow file.

Regards, Dave Hodgins

Re: Resetting lost root password

<tba2ni$1tqpu$1@dont-email.me>

 copy mid

https://www.novabbs.com/computers/article-flat.php?id=4998&group=alt.os.linux.mageia#4998

 copy link   Newsgroups: alt.os.linux.mageia
Path: i2pn2.org!i2pn.org!eternal-september.org!reader01.eternal-september.org!.POSTED!not-for-mail
From: unr...@invalid.ca (William Unruh)
Newsgroups: alt.os.linux.mageia
Subject: Re: Resetting lost root password
Date: Wed, 20 Jul 2022 23:22:26 -0000 (UTC)
Organization: A noiseless patient Spider
Lines: 13
Message-ID: <tba2ni$1tqpu$1@dont-email.me>
References: <tb94nv$1ma2e$1@dont-email.me>
<slrntdgemh.2eaai.BitTwister@wb.home.test> <tb9fih$1p2vh$1@dont-email.me>
<op.1pme6gpva3w0dxdave@hodgins.homeip.net>
Injection-Date: Wed, 20 Jul 2022 23:22:26 -0000 (UTC)
Injection-Info: reader01.eternal-september.org; posting-host="7fb4ff3ec7a525ef7ae9d1ae784bca64";
logging-data="2026302"; mail-complaints-to="abuse@eternal-september.org"; posting-account="U2FsdGVkX1/pXTFlyF/8ubA/Yoa0c1IR"
User-Agent: slrn/1.0.3 (Linux)
Cancel-Lock: sha1:JsWDv733KkIZ8mt3HcZ7xieEgC4=
 by: William Unruh - Wed, 20 Jul 2022 23:22 UTC

On 2022-07-20, David W. Hodgins <dwhodgins@nomail.afraid.org> wrote:
> On Wed, 20 Jul 2022 13:55:29 -0400, William Unruh <unruh@invalid.ca> wrote:
>
>> Doesn't runlevel 1 also ask for a root password when it comes up?
>
> Only if you've configured it to ask. The default standard security in msec doesn't
> do that. At the secure level or by overriding the ENABLE_SULOGIN setting it does.

Which means anyone who happens across the machine can change the root
password (including say the border officials who want to see what is on
your machine), and thus see, or change anything on the machine.
>
> Regards, Dave Hodgins

Re: Resetting lost root password

<op.1pmo5wgya3w0dxdave@hodgins.homeip.net>

 copy mid

https://www.novabbs.com/computers/article-flat.php?id=4999&group=alt.os.linux.mageia#4999

 copy link   Newsgroups: alt.os.linux.mageia
Path: i2pn2.org!i2pn.org!eternal-september.org!reader01.eternal-september.org!.POSTED!not-for-mail
From: dwhodg...@nomail.afraid.org (David W. Hodgins)
Newsgroups: alt.os.linux.mageia
Subject: Re: Resetting lost root password
Date: Wed, 20 Jul 2022 19:35:46 -0400
Organization: A noiseless patient Spider
Lines: 24
Message-ID: <op.1pmo5wgya3w0dxdave@hodgins.homeip.net>
References: <tb94nv$1ma2e$1@dont-email.me>
<slrntdgemh.2eaai.BitTwister@wb.home.test> <tb9fih$1p2vh$1@dont-email.me>
<op.1pme6gpva3w0dxdave@hodgins.homeip.net> <tba2ni$1tqpu$1@dont-email.me>
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8; format=flowed; delsp=yes
Content-Transfer-Encoding: 8bit
Injection-Info: reader01.eternal-september.org; posting-host="2405d881713a4d9e211fc3c59d020419";
logging-data="2034573"; mail-complaints-to="abuse@eternal-september.org"; posting-account="U2FsdGVkX19pmxIsUYPsCU/qgGj8uik/VxhS6xQQH+Y="
User-Agent: Opera Mail/12.16 (Linux)
Cancel-Lock: sha1:ira33vCUqXeV33zjXKLkXskXBxM=
 by: David W. Hodgins - Wed, 20 Jul 2022 23:35 UTC

On Wed, 20 Jul 2022 19:22:26 -0400, William Unruh <unruh@invalid.ca> wrote:
> On 2022-07-20, David W. Hodgins <dwhodgins@nomail.afraid.org> wrote:
>> On Wed, 20 Jul 2022 13:55:29 -0400, William Unruh <unruh@invalid.ca> wrote:
>>> Doesn't runlevel 1 also ask for a root password when it comes up?

>> Only if you've configured it to ask. The default standard security in msec doesn't
>> do that. At the secure level or by overriding the ENABLE_SULOGIN setting it does.
>
> Which means anyone who happens across the machine can change the root
> password (including say the border officials who want to see what is on
> your machine), and thus see, or change anything on the machine.

Correct. Anyone with physical control over the hard drive has access unless
it's encrypted. Requiring the root password for single user mode just slows down
the people who don't know how to get around that. It doesn't stop access or
changing the password.

If you're going to be crossing borders, expect to be required to provide access,
including providing decryption pass phrase, and passwords to your social media
accounts.

Even encryption doesn't help with when a rubber hose is involved. :-)

Regards, Dave Hodgins

Re: Resetting lost root password

<tbb7at$29irh$1@dont-email.me>

 copy mid

https://www.novabbs.com/computers/article-flat.php?id=5000&group=alt.os.linux.mageia#5000

 copy link   Newsgroups: alt.os.linux.mageia
Path: i2pn2.org!i2pn.org!eternal-september.org!reader01.eternal-september.org!.POSTED!not-for-mail
From: grim...@nomail.afraid.org (Grimble)
Newsgroups: alt.os.linux.mageia
Subject: Re: Resetting lost root password
Date: Thu, 21 Jul 2022 10:46:41 +0100
Organization: A noiseless patient Spider
Lines: 15
Message-ID: <tbb7at$29irh$1@dont-email.me>
References: <tb94nv$1ma2e$1@dont-email.me>
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 7bit
Injection-Date: Thu, 21 Jul 2022 09:47:09 -0000 (UTC)
Injection-Info: reader01.eternal-september.org; posting-host="4800e605fde9be73b97c891280d98917";
logging-data="2411377"; mail-complaints-to="abuse@eternal-september.org"; posting-account="U2FsdGVkX1+DTSu2HzVJZ5dVYSPhu2cJ"
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:102.0) Gecko/20100101
Thunderbird/102.0.2
Cancel-Lock: sha1:iQCbvs5D2ZRNUygL+qRmxS7xVu4=
Content-Language: en-GB
In-Reply-To: <tb94nv$1ma2e$1@dont-email.me>
 by: Grimble - Thu, 21 Jul 2022 09:46 UTC

On 20/07/2022 15:50, Grimble wrote:
> I've just had to write instructions to someone to reset root's password
> by adding "init=/bin/sh/" to the boot line. Everything worked OK, but
> how to resume/reboot, since "shutdown" isn't available? I just switched
> off; is there a more elegant exit? ("exit" itself doesn't work either)

Well, that seems to have surprised a few people.
Thanks,
G --
Grimble
Machine 'Haydn' running Plasma 5.20.4 on 5.15.50-desktop-1.mga8 kernel.
Mageia release 8 (Official) for x86_64

Re: Resetting lost root password

<tbcaqk$2ind0$1@dont-email.me>

 copy mid

https://www.novabbs.com/computers/article-flat.php?id=5005&group=alt.os.linux.mageia#5005

 copy link   Newsgroups: alt.os.linux.mageia
Path: i2pn2.org!i2pn.org!eternal-september.org!reader01.eternal-september.org!.POSTED!not-for-mail
From: unr...@invalid.ca (William Unruh)
Newsgroups: alt.os.linux.mageia
Subject: Re: Resetting lost root password
Date: Thu, 21 Jul 2022 19:52:52 -0000 (UTC)
Organization: A noiseless patient Spider
Lines: 28
Message-ID: <tbcaqk$2ind0$1@dont-email.me>
References: <tb94nv$1ma2e$1@dont-email.me>
<slrntdgemh.2eaai.BitTwister@wb.home.test> <tb9fih$1p2vh$1@dont-email.me>
<op.1pme6gpva3w0dxdave@hodgins.homeip.net> <tba2ni$1tqpu$1@dont-email.me>
<op.1pmo5wgya3w0dxdave@hodgins.homeip.net>
Injection-Date: Thu, 21 Jul 2022 19:52:52 -0000 (UTC)
Injection-Info: reader01.eternal-september.org; posting-host="7fb4ff3ec7a525ef7ae9d1ae784bca64";
logging-data="2710944"; mail-complaints-to="abuse@eternal-september.org"; posting-account="U2FsdGVkX1/d24yqckj4oPJjBDn8LumB"
User-Agent: slrn/1.0.3 (Linux)
Cancel-Lock: sha1:7cX8ebuYHMafLGDs4V3/BLp73FA=
 by: William Unruh - Thu, 21 Jul 2022 19:52 UTC

On 2022-07-20, David W. Hodgins <dwhodgins@nomail.afraid.org> wrote:
> On Wed, 20 Jul 2022 19:22:26 -0400, William Unruh <unruh@invalid.ca> wrote:
>> On 2022-07-20, David W. Hodgins <dwhodgins@nomail.afraid.org> wrote:
>>> On Wed, 20 Jul 2022 13:55:29 -0400, William Unruh <unruh@invalid.ca> wrote:
>>>> Doesn't runlevel 1 also ask for a root password when it comes up?
>
>>> Only if you've configured it to ask. The default standard security in msec doesn't
>>> do that. At the secure level or by overriding the ENABLE_SULOGIN setting it does.
>>
>> Which means anyone who happens across the machine can change the root
>> password (including say the border officials who want to see what is on
>> your machine), and thus see, or change anything on the machine.
>
> Correct. Anyone with physical control over the hard drive has access unless
> it's encrypted. Requiring the root password for single user mode just slows down
> the people who don't know how to get around that. It doesn't stop access or
> changing the password.

Slowing down may be worthwhile.

>
> If you're going to be crossing borders, expect to be required to provide access,
> including providing decryption pass phrase, and passwords to your social media
> accounts.
>
> Even encryption doesn't help with when a rubber hose is involved. :-)
>
> Regards, Dave Hodgins

Re: Resetting lost root password

<op.1poa7sdoa3w0dxdave@hodgins.homeip.net>

 copy mid

https://www.novabbs.com/computers/article-flat.php?id=5007&group=alt.os.linux.mageia#5007

 copy link   Newsgroups: alt.os.linux.mageia
Path: i2pn2.org!i2pn.org!eternal-september.org!reader01.eternal-september.org!.POSTED!not-for-mail
From: dwhodg...@nomail.afraid.org (David W. Hodgins)
Newsgroups: alt.os.linux.mageia
Subject: Re: Resetting lost root password
Date: Thu, 21 Jul 2022 16:29:42 -0400
Organization: A noiseless patient Spider
Lines: 15
Message-ID: <op.1poa7sdoa3w0dxdave@hodgins.homeip.net>
References: <tb94nv$1ma2e$1@dont-email.me>
<slrntdgemh.2eaai.BitTwister@wb.home.test> <tb9fih$1p2vh$1@dont-email.me>
<op.1pme6gpva3w0dxdave@hodgins.homeip.net> <tba2ni$1tqpu$1@dont-email.me>
<op.1pmo5wgya3w0dxdave@hodgins.homeip.net> <tbcaqk$2ind0$1@dont-email.me>
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8; format=flowed; delsp=yes
Content-Transfer-Encoding: 8bit
Injection-Info: reader01.eternal-september.org; posting-host="2405d881713a4d9e211fc3c59d020419";
logging-data="2739282"; mail-complaints-to="abuse@eternal-september.org"; posting-account="U2FsdGVkX1/J9LHIgSXZCcaFdnQ83NG0rYsrZUQoBX8="
User-Agent: Opera Mail/12.16 (Linux)
Cancel-Lock: sha1:G1DWw0Iw8iCWZuoyXXRnK+fFKR4=
 by: David W. Hodgins - Thu, 21 Jul 2022 20:29 UTC

On Thu, 21 Jul 2022 15:52:52 -0400, William Unruh <unruh@invalid.ca> wrote:
> On 2022-07-20, David W. Hodgins <dwhodgins@nomail.afraid.org> wrote:
>> Correct. Anyone with physical control over the hard drive has access unless
>> it's encrypted. Requiring the root password for single user mode just slows down
>> the people who don't know how to get around that. It doesn't stop access or
>> changing the password.
>
> Slowing down may be worthwhile.

If untrusted users have physical access, either use "secure" for the base security
level in mcc, or use the ENABLE_SULOGIN option.

Encryption, at least for any sensitive data, should be used too.

Regards, Dave Hodgins

1
server_pubkey.txt

rocksolid light 0.9.7
clearnet tor