Linux - SecurityThis forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
I have installed SUSE 9.0 several time because what is happenening is on the install I setup my root password in MD5 encrytion format (It give me three options, Default, MD5, and Blowfish). If I use default is says that the password that I am using is to short so that is why I use MD5. I have not tried Blowfish.After everything is setup usually will ssh into my box from work and change the password to something more secure. What is happening is when I ssh in to my box and change my password it works for a while and then after several attemps I cannot get back into as root. Is there something that I have to modify so that this doesnt happen. the command that I use when is passwd root: and then I change my password. Could it possible be that by using this command it changes the encrytion that I was using MD5 to something different and that would be the reason my password never work. This is driving me crazy.
Hmm sounds very strange. Note the password hash that's in the /etc/shadow file when its working and see if that's changed when its not working. Also check your /etc/ssh/sshd_config to see if root login is allowed, although usually its either allowed or its not - not allowed for a while then revoked.
I changed from the default that is DES or something like that to Blowfish and never had any complaints from the users and when I look at the file I see Blowfish encrypted password mixed with the default ones. This in a Suse 9.1 box
SO far after reinstall SUSE 9.0 again, I havnt run into a problems but I am a little nervous about changing the password again for what had happened to me earlier. If this does happen again, is there a backdoor that I could use to get in and change my password again?
just one more question. Can a cracker do the same thing if he wanted to.
a cracker copies his hash password from his machine on to a floppy and then finds your machine and then boots with a cdrom or a disk and just copy his hash password into your etc/shadow file and then viola there in as root and the hell begins.
Last edited by metallica1973; 07-20-2005 at 07:55 AM.
Anybody who has physical access to the inside of your computer (no matter what type of computer it is) can bypass operating system security. Even if you set a BIOS password and disabled booting from CDROM or Floppy the cracker could just open your box and either reset the BIOS by removing its battery or simply remove your hard drive and plug it into his own computer. Its the same with Windows too BTW - there are plenty of Windows password recovery livecds or programs available for free a short google away.
The only way to get around this is to encrypt your data, or even your entire hard drive if you really don't have any physical security for your computer (eg. your travel laptop).
But the easiest solution is to not let malicious crackers carying screwdrivers walk into your home or place of business!