[SOLVED] Intruders can log in to my Linux box using run level 1 without using the password ??
Linux - NewbieThis Linux forum is for members that are new to Linux.
Just starting out and have a question?
If it is not in the man pages or the how-to's this is the place!
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
Intruders can log in to my Linux box using run level 1 without using the password ??
Hi,
Well I have been using linux for sometime, and have kept strong passwords for every user account. But recently I noticed when we boot into run level 1, it does not ask for any password.
This means that anyone can turn on my computer in my absence, on grub menu press a, then 1 to append 1 to the kernel arguments, which will make my system boot in run level 1.
It won't ask for any password. Once in run level 1, the intruder can easily access my files, copy them, change their permissions, change even the root password.
Now how can I make my system more secure?
Is there a way to get detailed info of each log in session, like which user, which run level, for how long and things like that?
Well I have been using linux for sometime, and have kept strong passwords for every user account. But recently I noticed when we boot into run level 1, it does not ask for any password.
This means that anyone can turn on my computer in my absence, on grub menu press a, then 1 to append 1 to the kernel arguments, which will make my system boot in run level 1.
It won't ask for any password. Once in run level 1, the intruder can easily access my files, copy them, change their permissions, change even the root password.
Now how can I make my system more secure?
Is there a way to get detailed info of each log in session, like which user, which run level, for how long and things like that?
Regards
You can secure your grub by putting a grub password, so that whenever someone presses e to enter into runlevel 1, it will ask for the grub password.
Any user who has a physical access to your machine should be able to change the kernel parameters. You should keep your machine physically safe. And also keep a password for the Grub. So that anyone who wants to or tries to edit the grub parameters will need to pass the password. And without the password, grub menu will not be accessible for editing.
Look Here for how to protect your grub with password.
You can even add a bios passwd on some systems, but in any case, physical access to a system means all bets are off eg they could remove the hdd & put it in another system; in which case encryption is the only answer.
This is true of any OS, not just Linux.
Enter password and press enter, then re-enter password and press enter again, it will take you back to # prompt.
Now open the file /etc/grub.conf with vi,
Edit the file in following manner:
The newly added line should have that alphanumeric password which you'll find in the bottom of the file (you have redirected the password in this file when creating the password)cut that password and paste it like password --md5 your_password
save and exit.
Last edited by Sayan Acharjee; 03-23-2010 at 12:29 AM.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
