LinuxQuestions.org
Support LQ: Use code LQ3 and save $3 on Domain Registration
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 11-29-2009, 10:03 PM   #1
manjunathgn
LQ Newbie
 
Registered: Aug 2008
Posts: 17

Rep: Reputation: 0
Root Password


Dear ALL,

One of our computer is connected to other company's network n they r supposed to read data from our PC's. Initially i had given my password to him. After that i changed it. But that fellow deciphered my new password and asked to me whether that was my new password..

How do we retrieve/decipher the password if some one changes it?

Tell me how can he decipher my new password?


Manjunath
 
Old 11-29-2009, 10:07 PM   #2
evo2
LQ Guru
 
Registered: Jan 2009
Location: Japan
Distribution: Mostly Debian and Scientific Linux
Posts: 5,753

Rep: Reputation: 1288Reputation: 1288Reputation: 1288Reputation: 1288Reputation: 1288Reputation: 1288Reputation: 1288Reputation: 1288Reputation: 1288
You can use brute force approaches but I think the forum rules forbid discussing this.

The best thing to do is make a dedicated account for this user, and copy the hashed password that they set on your account to their account. Then you can reset the password to whatever you like on your account.

Evo2.
 
Old 11-30-2009, 12:53 AM   #3
itsbrad212
Member
 
Registered: Nov 2009
Location: Chicago
Distribution: Arch and OpenBSD
Posts: 104

Rep: Reputation: 19
Quote:
You can use brute force approaches but I think the forum rules forbid discussing this.
LOL
 
Old 11-30-2009, 01:12 AM   #4
Disillusionist
Senior Member
 
Registered: Aug 2004
Location: England
Distribution: Ubuntu
Posts: 1,036

Rep: Reputation: 96
Is anyone else concerned that your post title is "Root Password"?

Was it the root password that you gave someone?

If not, does your user account have the ability to use sudo?

If you changed your password and the other person immediately knew what you changed it to, you should assume that the system may be compromised.
 
Old 11-30-2009, 01:32 AM   #5
manjunathgn
LQ Newbie
 
Registered: Aug 2008
Posts: 17

Original Poster
Rep: Reputation: 0
Quote:
Originally Posted by evo2 View Post
You can use brute force approaches but I think the forum rules forbid discussing this.

The best thing to do is make a dedicated account for this user, and copy the hashed password that they set on your account to their account. Then you can reset the password to whatever you like on your account.

Evo2.
Thnks for the reply...


My doubt is like..I have changed my password...How did he know that...
How can he decipher mine...
Old password was known to him but not the new one...
How can he known the new password



Manju

Last edited by manjunathgn; 11-30-2009 at 01:33 AM.
 
Old 11-30-2009, 01:34 AM   #6
manjunathgn
LQ Newbie
 
Registered: Aug 2008
Posts: 17

Original Poster
Rep: Reputation: 0
Quote:
Originally Posted by Disillusionist View Post
Is anyone else concerned that your post title is "Root Password"?

Was it the root password that you gave someone?

If not, does your user account have the ability to use sudo?

If you changed your password and the other person immediately knew what you changed it to, you should assume that the system may be compromised.

Thanks for the reply

My doubt is like..I have changed my password...How did he know that...
How can he decipher mine...
Old password was known to him but not the new one...
How can he known the new password



Manju
 
Old 11-30-2009, 01:38 AM   #7
manjunathgn
LQ Newbie
 
Registered: Aug 2008
Posts: 17

Original Poster
Rep: Reputation: 0
Quote:
Originally Posted by itsbrad212 View Post
LOL
Thanks for the reply...

U can write the procedure on my personal mail...


manjunath.gn@jupitermail.in

Write to this id pl....


Manjunath
 
Old 11-30-2009, 01:40 AM   #8
evo2
LQ Guru
 
Registered: Jan 2009
Location: Japan
Distribution: Mostly Debian and Scientific Linux
Posts: 5,753

Rep: Reputation: 1288Reputation: 1288Reputation: 1288Reputation: 1288Reputation: 1288Reputation: 1288Reputation: 1288Reputation: 1288Reputation: 1288
Quote:
Originally Posted by manjunathgn View Post
How can he known the new password
Using the same brute force methods that I am not going to discuss.

He also could have installed a rootkit, since as was pointed out it seems that you gave him the root password... not at all a good idea.

Evo2.
 
Old 11-30-2009, 02:32 AM   #9
Wifi-Fanatux
Member
 
Registered: Mar 2009
Location: Northwest
Distribution: LAPTOP->DreamStudio & Saline-Debian
Posts: 70

Rep: Reputation: 19
Administrator

Check to see if he created another user with administrative priviledges that he uses to login on your PC.
 
Old 11-30-2009, 02:51 AM   #10
i92guboj
Gentoo support team
 
Registered: May 2008
Location: Lucena, Córdoba (Spain)
Distribution: Gentoo
Posts: 4,063

Rep: Reputation: 381Reputation: 381Reputation: 381Reputation: 381
Once you give the root password to someone you can never be sure that your system will be safe from that person (that is, unless you absolutely, blindingly, trust him).

While he was root he could have installed a rootkit in many forms, he could simply put a cron job on /etc/cron.daily/ to automatically mail him the passwd and shadow files once every day, the rest, just brute force. Just a random example... once you are root there are like twenty billion ways to ensure that you are not going to lose that privilege.

That's why you shouldn't ever grant more privileges than those strictly needed, much less out of laziness.
 
Old 11-30-2009, 02:55 AM   #11
smeezekitty
Senior Member
 
Registered: Sep 2009
Location: Washington U.S.
Distribution: M$ Windows / Debian / Ubuntu / DSL / many others
Posts: 2,330

Rep: Reputation: 227Reputation: 227Reputation: 227
You gave someone else you ROOT PASSWORD??!?!??!?
BAD BAD BAD IDEA!
He could have left an open door so he can get the password anytime he wants now.
 
Old 11-30-2009, 03:13 PM   #12
Disillusionist
Senior Member
 
Registered: Aug 2004
Location: England
Distribution: Ubuntu
Posts: 1,036

Rep: Reputation: 96
Quote:
Originally Posted by manjunathgn View Post
Thanks for the reply...

U can write the procedure on my personal mail...
First, you should never post your email address on a public forum as this is likely to be picked up by spammers.

Second, you should treat the machine as compromised. Where you want to go from here is up to you (or your company).

If you just want to get the machine back to a "safe" setting, you could:
  1. reinstall the OS and restore your data from a backup tape (prior to you giving away the password)
  2. change the password to something else (use a complex password!)
  3. don't repeat the same mistake in future.

You should review your companies security procedures.

Do you have a written third party network usage agreement?

This should be checked by a lawyer to ensure that it is legally binding and should be signed by any third parties that need access to your system (including external engineers) prior to granting access.

When granting access to systems, only give enough permissions for them to perform the task at hand.

If something has to be done as root, get the third party to provide instructions and perform the task yourself, or have them come onsite and be monitored throughout the work. Do not give the root password but insist that you enter the password as required and do not leave them alone with root access.
 
Old 11-30-2009, 06:01 PM   #13
chrism01
LQ Guru
 
Registered: Aug 2004
Location: Sydney
Distribution: Centos 6.8, Centos 5.10
Posts: 17,240

Rep: Reputation: 2324Reputation: 2324Reputation: 2324Reputation: 2324Reputation: 2324Reputation: 2324Reputation: 2324Reputation: 2324Reputation: 2324Reputation: 2324Reputation: 2324
In addition to the fine advice above, if(!) they need a privileged cmd, look into restricting them to just that/those cmds via the sudo tool.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
How could normal user obtain root password or change root password ckamheng Debian 18 02-18-2009 11:28 PM
Change my root password in Debian Linux if I have the current password? panseluta Linux - Newbie 2 12-28-2008 03:02 AM
How to retrieve( or reset) root password in Mandrake Linux, as I forgot my password? Reghunath Linux - Software 4 05-08-2008 05:11 AM
Password Recovery in Edubuntu 7.04 - In Terminal, Root Login : su , password : ????? farhannaeem13 Linux - Security 3 11-30-2007 10:59 AM


All times are GMT -5. The time now is 06:09 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration