Return to BSD News archive
Newsgroups: comp.unix.bsd.freebsd.misc Path: euryale.cc.adfa.oz.au!newshost.carno.net.au!harbinger.cc.monash.edu.au!munnari.OZ.AU!news.ecn.uoknor.edu!feed1.news.erols.com!cpk-news-hub1.bbnplanet.com!news.bbnplanet.com!rill.news.pipex.net!pipex!oleane!jussieu.fr!fdn.fr!r2d2.fdn.org!sphynx.fdn.fr!causse From: causse@sphynx.fdn.fr (Philippe Causse) Subject: Re: Password issues X-Newsreader: TIN [version 1.2 PL2] Organization: individual - paris - france Message-ID: <EAHtBs.pK@sphynx.fdn.fr> References: <337e914c.418331@news.ibm.net.il> <5lplob$kol@ui-gate.utell.co.uk> Date: Tue, 20 May 1997 18:43:04 GMT Lines: 52 Xref: euryale.cc.adfa.oz.au comp.unix.bsd.freebsd.misc:41294 Brian Somers (brian@shift.utell.net) wrote: : In article <EAEAsA.1G3@sphynx.fdn.fr>, : causse@sphynx.fdn.fr (Philippe Causse) writes: : > Enoch Wexler (enoch@wexler.spamthis.co.il) wrote: : >: On Sun, 18 May 1997 05:32:31 GMT, Enoch wrote: : > : >: >I upgraded a 2.1.5 sys to 2.2.2 but forgot to choose a root password. : >: >What is the default password of the new 2.2.2 sys? : > : >: Found the answer to the above shortly after posting. Pressed the ^C : >: during bootup. The system entered single user (root) mode. Mounted the : >: main disk. Used 'passwd' to set the root's password... : > : >: So every passerby can do the same...<shiver> : > : > Except if your console has been flagged as insecure ! : > See "man 5 ttys" for more information :-) : In which case they can either boot off a floppy or pick the machine : up and walk away with it. Physical access makes you God ! You don't : need passwords :) Most decent PC/AT clones have a BIOS setup which allows you to boot from drive "C:" before drive "A:". Furthermore, the setup can be password protected (even the boot sequence can be password protected). Therefore, and admitting that: 1) You boot from C: before A:, 2) You changed the boot code disable the fd(0,a) entry, 3) FreeBSD is _the_ only O.S. on the system 4) Your computer box has been secured (with a locker) The system should be reasonably secured :-) Bad times for crackers! I don't know if Brian will agree but I'll be pretty confident in such a system! : > BTW, same behaviour on Sun systems... (and same cure as well ;-] ) : > : >: Enoch. One more little word about security on Sparcs: if you remove the tod-clock (time-of-day, chip labelled "TO-48") and write zeros at a specific address with a Data-I/O programmer, the console passord isn't checked anymore at boot-time ! Then go for a "STOP-A" and "boot -s" 8-) Unfortunately I don't remember the address anymore... : -- : Brian <brian@awfulhak.org> <brian@freebsd.org> : <http://www.awfulhak.org> : Don't _EVER_ lose your sense of humour ! -- ------------------------------------------------------------------- P. Causse http://www.fdn.fr/~pcausse 4.4BSD/X11R6/Motif-2.0/C++ mailto:causse@sphynx.fdn.fr (UUCP)