Linux - NewbieThis Linux forum is for members that are new to Linux.
Just starting out and have a question?
If it is not in the man pages or the how-to's this is the place!
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Introduction to Linux - A Hands on Guide
This guide was created as an overview of the Linux Operating System, geared toward new users as an exploration tour and getting started guide, with exercises at the end of each chapter.
For more advanced trainees it can be a desktop reference, and a collection of the base knowledge needed to proceed with system and network administration. This book contains many real life examples derived from the author's experience as a Linux system and network administrator, trainer and consultant. They hope these examples will help you to get a better understanding of the Linux system and that you feel encouraged to try out things on your own.
Click Here to receive this Complete Guide absolutely free.
Followed acid_kewpie advice and ran a search through the forum before asking question. But i need a little more help.
OK what I have found out...
1. Boot, in GRUB press ctrl x
2. then select single user mode.
3. login as root (no pwd required)
4. type passwd, and re-set password.
5. is that correct? seems to easy!
by the way, its RH 7.2 does that make a difference?!!!
sorry, but i don't like when people forget their own passwords, i deal with that crap everyday and it bugs me to think people set a password and don't remember it..
its a whole other story when you take the place of a admin who has left and he didn't leave the password for you to begin with.
Well, actually medamnit, there is such thing as a secure system if your pc can be physically be reached by someone. Even if you too grub off and simply booted directly into Linux, and you couldn't do the little control-x trick, there are still other ways of doing it.
Yeah acid!, some delicious crispy DONUT!!!!!!!!!!!!!!!!!!!
Medamnit, I haven't done it myself, or seen either what other way there is to access some linux box and gain root priviliges. I'm sure if you got a floppy drive, you can do something to boot into single mode user if lilo or grub are disabled. But, I wouldnt know exactly what to do,
Alrighty!, you're your cousins Hero, :P
Distribution: Ubuntu 11.4,DD-WRT micro plus ssh,lfs-6.6,Fedora 15,Fedora 16
yup, i tried it (well, not the grub method, i do know my root password) typing passwd at the Single user prompt DOES NOT require the original password, but then again you DO have to be sitting physically in front of the target box for it to work (single user mode only works directly on the box unless perhaps configured otherwise, and i doubt very much that anyone would set that up too insecurely, and in most cases (other than the case of your own machine) that box is going to be either in a locked closet (or room), or somewhere that doesn't allow such physical access to the target machine, along with any terminals that have single user access. In short, nobody get any ideas as how to hack into that linux box you've been thinking about hitting with this new information
Originally posted by Calum this is bloody shocking! on a secure OS you should not be able to log in as root, unless you know the root password!!! this is as bad as that screensaver exploit to logon as root in WinNT!
no it's not. are you seriously suggesting that if a server for a company goes down for example, and somehow the password for root becomes corrupted, or maybe someone changed it maliciously, there sghould be NO way to get that server working again? reformat the thing???? Lilo and Grub both have numerous security option that can require additional passwords in order to boot the system into a non predefined state, i.e. single user mode.
if you say so, but security is only as secure as the weakest link in the chain. A company, as you say, would probably have all that stuff configured in a secure fashion. Many home users may not know how to, or even that the capability exists to either login as root without the password, or to stop someone from doing so.
Anything that can be exploited is an exploit.
Well how far do you want to go to secure your computer as a home user? Someone needs to have physical access to your computer to change the root password in that way.
I'm sure any creative person who has physical access to your computer can find many ways to break it. A hamer should do a bit of damage. Do you also consider that as a weak link in the chain?
not really, actually linux is very secure, for a lot of reasons, and i think that it's fine the way it is, but there's always room for improvement.
The winNT exploit i mention also requires physical access, but unlike linux (and this is the important bit) there is no way to configure winNT so that the exploit won't work, because M$ has not released a patch for it, and it's a closed source system.
So, actually, no i think it's fine so long as everybody does as they're supposed to, but the more backdoors get left open, by undereducated companies for example, the more people are going to use those backdoors. and so on.
I don't know much about it and i'm not up for an argument, i'm just saying an exploit is an exploit, if it ends up getting exploited by somebody...
Originally posted by Calum I don't know much about it and i'm not up for an argument, i'm just saying an exploit is an exploit, if it ends up getting exploited by somebody...
if you are going to suggest that say, the su command is an explot, and logically say... rm is an exploit.. then yes it is an exploit.. but if rm isn't one, then neither is the ability to boot to single user mode.