so what happens if u forget ur root password?

[statik213]

forgot the root pwd on one machine for yesterday, it eventualy came back to me... but what do you do if u forget it?

 

[stars]

http://cities.lk.net/lost_password.htm

 

[nweaver]

single user mode, or sudo passwd root 😉

 

[statik213]

Originally posted by: stars
http://cities.lk.net/lost_password.htm

so it's that easy? kinda scary....

 

[CTho9305]

Originally posted by: statik213

Originally posted by: stars
http://cities.lk.net/lost_password.htm

so it's that easy? kinda scary....

It's just as easy for Windows as long as you don't use NTFS encryption, but if you do use encryption and forget your password your data is gone forever.

 

[Nothinman]

so it's that easy? kinda scary....

Which explains why physical security is so important.

And actually, if you can edit the bootloader easily (i.e. you're using grub) you can pass the kernel the parameter 'init=/bin/bash' and instead of starting init which starts the normal bootup process you'll be given a root shell and can change the root password from there. You might have to remount the filesystem read-write with 'mount -o remount,rw /' depending on how the box is setup, but that's it.

 

[n0cmonkey]

sudo

 

[stash]

It's just as easy for Windows as long as you don't use NTFS encryption, but if you do use encryption and forget your password your data is gone forever

I assume you mean encrypting a text file with the password in it, rather than encrypting the SAM database...?

 

[n0cmonkey]

Originally posted by: STaSh

It's just as easy for Windows as long as you don't use NTFS encryption, but if you do use encryption and forget your password your data is gone forever

I assume you mean encrypting a text file with the password in it, rather than encrypting the SAM database...?

I think he means that if you use EFS your data will be inaccessible in a useful manner if you use password recovery tools. Or something.

 

[Nothinman]

sudo

If you have sudo restricted that won't work. You would have to have it setup with an account allowed to run passwd for any account or any command at all.

 

[n0cmonkey]

Originally posted by: Nothinman

sudo

If you have sudo restricted that won't work. You would have to have it setup with an account allowed to run passwd for any account or any command at all.

Yeah, but I don't have it restricted very well, and the title asked me how I'd do it. 😉

 

[DidlySquat]

Originally posted by: Nothinman

so it's that easy? kinda scary....

Which explains why physical security is so important.

And actually, if you can edit the bootloader easily (i.e. you're using grub) you can pass the kernel the parameter 'init=/bin/bash' and instead of starting init which starts the normal bootup process you'll be given a root shell and can change the root password from there. You might have to remount the filesystem read-write with 'mount -o remount,rw /' depending on how the box is setup, but that's it.

it's easier to boot knoppix cd and chroot or edit the passworfd files directly.

 

[CTho9305]

Originally posted by: n0cmonkey

Originally posted by: STaSh

It's just as easy for Windows as long as you don't use NTFS encryption, but if you do use encryption and forget your password your data is gone forever

I assume you mean encrypting a text file with the password in it, rather than encrypting the SAM database...?

I think he means that if you use EFS your data will be inaccessible in a useful manner if you use password recovery tools. Or something.

Correct.

 

[Nothinman]

it's easier to boot knoppix cd and chroot or edit the passworfd files directly.

Hardly. How do you imagine that booting with 'init=/bin/bash' and then typing 'passwd' is more difficult?

 

[Zugzwang152]

Originally posted by: n0cmonkey

Originally posted by: STaSh

It's just as easy for Windows as long as you don't use NTFS encryption, but if you do use encryption and forget your password your data is gone forever

I assume you mean encrypting a text file with the password in it, rather than encrypting the SAM database...?

I think he means that if you use EFS your data will be inaccessible in a useful manner if you use password recovery tools. Or something.

unless you remember the original password that was used to set the encryption, your files are lost forever, even if you regian access to the system by resetting the password.

 

[stash]

unless you remember the original password that was used to set the encryption, your files are lost forever, even if you regian access to the system by resetting the password.

Yes I see now, this is true. However, words like 'forever' and 'never' don't have a place in crypto, unless you're talking about one-time pads. It would take an extraordinarily long time to brute force 256-bit AES encrypted ciphertext, but it is not impossible. And it is not unreasonable to assume that Rijndael will be broken, because of it's fairly simple mathemetical structure and because there is a somewhat small margin between the number of rounds in the spec and the number of rounds in successful attacks to date.