Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here. |
Notices |
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
Are you new to LinuxQuestions.org? Visit the following links:
Site Howto |
Site FAQ |
Sitemap |
Register Now
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
|
 |
10-04-2006, 03:19 PM
|
#1
|
LQ Newbie
Registered: Oct 2006
Posts: 1
Rep:
|
User Name - Pass Word Mismatch
URGENT
I am having Redhat Linux on my system, but access is denied due to username-password mismatch. How can i change username and password both, so that i can have access to Linux?
SUNIL
|
|
|
10-04-2006, 05:22 PM
|
#2
|
Member
Registered: Nov 2005
Location: New Jersey, USA
Distribution: SuSE
Posts: 492
Rep:
|
Are you talking about the root user, or another user?
Have you checked the Caps Lock key?
If you forgot the root password, the only way to use the machine is to reinstall Linux.
|
|
|
10-05-2006, 03:43 AM
|
#3
|
Senior Member
Registered: Jan 2005
Location: Roodepoort, South Africa
Distribution: Ubuntu 12.04, Antix19.3
Posts: 3,797
|
If I'm correctly informed (I'd never had to use it) reinstall is a bit overkill, just gain access to the machine (live cd, rescue mode of install cd) and wipe the password from /etc/passwd.
|
|
|
10-05-2006, 10:18 AM
|
#4
|
Member
Registered: Nov 2005
Location: New Jersey, USA
Distribution: SuSE
Posts: 492
Rep:
|
I don't know about the default of RedHat, but I have SuSE and it will specifically not allow that, for the obvious reason - then all you need to do to get past the root password is what you instructed.
If your machine will allow that, I would STRONGLY recommend changing it somehow.
|
|
|
10-05-2006, 10:55 AM
|
#5
|
LQ Guru
Registered: Aug 2003
Distribution: CentOS, OS X
Posts: 5,131
Rep: 
|
Quote:
I don't know about the default of RedHat, but I have SuSE and it will specifically not allow that, for the obvious reason - then all you need to do to get past the root password is what you instructed.
If your machine will allow that, I would STRONGLY recommend changing it somehow.
|
Indeed. I think most distributions out there only let root access the file, but even then there is a problem: if bootloader is not protected, anyone can boot into single-user mode..with root privileges. This is a security flaw in unbelievably many systems, if the user doesn't secure the bootloader with a password. I recall Redora does ask for a bootloader password to be set during the setup, but many distributions do not.
|
|
|
10-05-2006, 11:37 AM
|
#6
|
Member
Registered: Nov 2005
Posts: 144
Rep:
|
Quote:
Originally Posted by jantman
I don't know about the default of RedHat, but I have SuSE and it will specifically not allow that, for the obvious reason - then all you need to do to get past the root password is what you instructed.
If your machine will allow that, I would STRONGLY recommend changing it somehow.
|
This is something no operating system can defend against. If the computer boots from a live CD, the normal operating system is not even started, so it cannot prevent this attack. Usually, the root partition is not encrypted, so anyone with direct access to the disk (with al live cd or by manually plugging the disk into another computer) can change the /etc/shadow file. The only defense is to prevent potential attackers from gaining physical access to the hard disk and disabling booting from removable media via BIOS (don't forget to password protect your bios also). However, most BIOSes have publicly known master passwords, and can be resetted with a switch on the main board.
|
|
|
All times are GMT -5. The time now is 01:11 AM.
|
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
|
Latest Threads
LQ News
|
|