Auto login on first console?
I'm running a couple of servers here and it is often a pain to log in via root via console every time I need access.
Is there a way you can configure the console to autologin as root on every startup, that way quickly troubleshooting a problem can be done without having to log in?
It also helps cause some of our customers change their root passwords and having to get an update on the password can cause trouble.
Thanks. I've googled quite a bit but can't dig up anything useful.
Would you really want to have your server to automatically log in as root, giving full permissions to the first dude who gets to the place? No, I doubt you do. And if you think about your customers, nor do they.
I still insist on how to do it though.
If somebody has physical access to your server, a password is a small roadblock of a few minutes if somebody is dedicated to getting in.
This is a secure facility (and I mean very secure, with badge access and everything, only a few people are allowed in this room) if anyone were to get in here with physical access it would mean a bigger problem then a single machine being compromised.
I wouldn't do this to a public kiosk, but in this type of facility it seems logical.
I'm quoting one of the 10 Immutable Laws of Security here (Published by Microsoft, unfortunately, but good/funny anyways)
Law #3: If a bad guy has unrestricted physical access to your computer, it's not your computer anymore
* He could mount the ultimate low-tech denial of service attack, and smash your computer with a sledgehammer.
* He could unplug the computer, haul it out of your building, and hold it for ransom.
* He could boot the computer from a floppy disk, and reformat your hard drive. But wait, you say, I've configured the BIOS on my computer to prompt for a password when I turn the power on. No problem – if he can open the case and get his hands on the system hardware, he could just replace the BIOS chips. (Actually, there are even easier ways).
* He could remove the hard drive from your computer, install it into his computer, and read it.
* He could make a duplicate of your hard drive and take it back his lair. Once there, he'd have all the time in the world to conduct brute-force attacks, such as trying every possible logon password. Programs are available to automate this and, given enough time, it's almost certain that he would succeed. Once that happens, Laws #1 and #2 above apply.
* He could replace your keyboard with one that contains a radio transmitter. He could then monitor everything you type, including your password.
wow! well you can't stop someone from shooting themselves in the foot so here you go:
|All times are GMT -5. The time now is 11:25 PM.|