Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question?
If it is not in the man pages or the how-to's this is the place! |
Notices |
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
Are you new to LinuxQuestions.org? Visit the following links:
Site Howto |
Site FAQ |
Sitemap |
Register Now
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
|
|
11-29-2009, 09:03 PM
|
#1
|
LQ Newbie
Registered: Aug 2008
Posts: 17
Rep:
|
Root Password
Dear ALL,
One of our computer is connected to other company's network n they r supposed to read data from our PC's. Initially i had given my password to him. After that i changed it. But that fellow deciphered my new password and asked to me whether that was my new password..
How do we retrieve/decipher the password if some one changes it?
Tell me how can he decipher my new password?
Manjunath
|
|
|
11-29-2009, 09:07 PM
|
#2
|
LQ Guru
Registered: Jan 2009
Location: Japan
Distribution: Mostly Debian and CentOS
Posts: 6,726
|
You can use brute force approaches but I think the forum rules forbid discussing this.
The best thing to do is make a dedicated account for this user, and copy the hashed password that they set on your account to their account. Then you can reset the password to whatever you like on your account.
Evo2.
|
|
|
11-29-2009, 11:53 PM
|
#3
|
Member
Registered: Nov 2009
Location: Chicago
Distribution: Arch and OpenBSD
Posts: 104
Rep:
|
Quote:
You can use brute force approaches but I think the forum rules forbid discussing this.
|
LOL
|
|
|
11-30-2009, 12:12 AM
|
#4
|
Senior Member
Registered: Aug 2004
Location: England
Distribution: Ubuntu
Posts: 1,039
Rep:
|
Is anyone else concerned that your post title is "Root Password"?
Was it the root password that you gave someone?
If not, does your user account have the ability to use sudo?
If you changed your password and the other person immediately knew what you changed it to, you should assume that the system may be compromised.
|
|
|
11-30-2009, 12:32 AM
|
#5
|
LQ Newbie
Registered: Aug 2008
Posts: 17
Original Poster
Rep:
|
Quote:
Originally Posted by evo2
You can use brute force approaches but I think the forum rules forbid discussing this.
The best thing to do is make a dedicated account for this user, and copy the hashed password that they set on your account to their account. Then you can reset the password to whatever you like on your account.
Evo2.
|
Thnks for the reply...
My doubt is like..I have changed my password...How did he know that...
How can he decipher mine...
Old password was known to him but not the new one...
How can he known the new password
Manju
Last edited by manjunathgn; 11-30-2009 at 12:33 AM.
|
|
|
11-30-2009, 12:34 AM
|
#6
|
LQ Newbie
Registered: Aug 2008
Posts: 17
Original Poster
Rep:
|
Quote:
Originally Posted by Disillusionist
Is anyone else concerned that your post title is "Root Password"?
Was it the root password that you gave someone?
If not, does your user account have the ability to use sudo?
If you changed your password and the other person immediately knew what you changed it to, you should assume that the system may be compromised.
|
Thanks for the reply
My doubt is like..I have changed my password...How did he know that...
How can he decipher mine...
Old password was known to him but not the new one...
How can he known the new password
Manju
|
|
|
11-30-2009, 12:38 AM
|
#7
|
LQ Newbie
Registered: Aug 2008
Posts: 17
Original Poster
Rep:
|
Quote:
Originally Posted by itsbrad212
LOL
|
Thanks for the reply...
U can write the procedure on my personal mail...
manjunath.gn@jupitermail.in
Write to this id pl....
Manjunath
|
|
|
11-30-2009, 12:40 AM
|
#8
|
LQ Guru
Registered: Jan 2009
Location: Japan
Distribution: Mostly Debian and CentOS
Posts: 6,726
|
Quote:
Originally Posted by manjunathgn
How can he known the new password
|
Using the same brute force methods that I am not going to discuss.
He also could have installed a rootkit, since as was pointed out it seems that you gave him the root password... not at all a good idea.
Evo2.
|
|
|
11-30-2009, 01:32 AM
|
#9
|
Member
Registered: Mar 2009
Location: Northwest
Distribution: LAPTOP->DreamStudio & Saline-Debian
Posts: 70
Rep:
|
Administrator
Check to see if he created another user with administrative priviledges that he uses to login on your PC.
|
|
|
11-30-2009, 01:51 AM
|
#10
|
Gentoo support team
Registered: May 2008
Location: Lucena, Córdoba (Spain)
Distribution: Gentoo
Posts: 4,083
|
Once you give the root password to someone you can never be sure that your system will be safe from that person (that is, unless you absolutely, blindingly, trust him).
While he was root he could have installed a rootkit in many forms, he could simply put a cron job on /etc/cron.daily/ to automatically mail him the passwd and shadow files once every day, the rest, just brute force. Just a random example... once you are root there are like twenty billion ways to ensure that you are not going to lose that privilege.
That's why you shouldn't ever grant more privileges than those strictly needed, much less out of laziness.
|
|
|
11-30-2009, 01:55 AM
|
#11
|
Senior Member
Registered: Sep 2009
Location: Washington U.S.
Distribution: M$ Windows / Debian / Ubuntu / DSL / many others
Posts: 2,339
|
You gave someone else you ROOT PASSWORD??!?!??!?
BAD BAD BAD IDEA!
He could have left an open door so he can get the password anytime he wants now.
|
|
|
11-30-2009, 02:13 PM
|
#12
|
Senior Member
Registered: Aug 2004
Location: England
Distribution: Ubuntu
Posts: 1,039
Rep:
|
Quote:
Originally Posted by manjunathgn
Thanks for the reply...
U can write the procedure on my personal mail...
|
First, you should never post your email address on a public forum as this is likely to be picked up by spammers.
Second, you should treat the machine as compromised. Where you want to go from here is up to you (or your company).
If you just want to get the machine back to a "safe" setting, you could: - reinstall the OS and restore your data from a backup tape (prior to you giving away the password)
- change the password to something else (use a complex password!)
- don't repeat the same mistake in future.
You should review your companies security procedures.
Do you have a written third party network usage agreement?
This should be checked by a lawyer to ensure that it is legally binding and should be signed by any third parties that need access to your system (including external engineers) prior to granting access.
When granting access to systems, only give enough permissions for them to perform the task at hand.
If something has to be done as root, get the third party to provide instructions and perform the task yourself, or have them come onsite and be monitored throughout the work. Do not give the root password but insist that you enter the password as required and do not leave them alone with root access.
|
|
|
11-30-2009, 05:01 PM
|
#13
|
LQ Guru
Registered: Aug 2004
Location: Sydney
Distribution: Rocky 9.2
Posts: 18,397
|
In addition to the fine advice above, if(!) they need a privileged cmd, look into restricting them to just that/those cmds via the sudo tool.
|
|
|
All times are GMT -5. The time now is 08:10 AM.
|
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
|
Latest Threads
LQ News
|
|