First Cup of Ubuntu
Re: Resetting a Forgotten Password - I Have a Problem with This
But it is not SOLVED.
You said:
I haven't tried this option to change the password, but it seems that the solution is wrong. You can't change root's password without root's password. Am I wrong?Originally Posted by lefo
In comments of above article there are a lot of users complaining that they can't change password. So?
I Ubuntu, Therefore, I Am
Welcome to the forums!
Ubuntu does not use a "root password" and I encourage you to read this FAQ: https://help.ubuntu.com/community/RootSudo
And here is a good tutorial how to reset a forgotten password: http://www.psychocats.net/ubuntu/resetpassword
Possibly the readers in the comments section of the link have not read the helpful links above? If they want to post here on ubuntuforums, we will help them.
First Cup of Ubuntu
And this is it.
Thx
First Cup of Ubuntu
Im having problems on my linux machine. Today one of my dads businessmen brought over 2 computers, 1 linux 1 windows xp, I tryed running the linux machine and it had a password. Im trying to bypass the password but it doesnt work. Im using a XP machine at the moment until I can bypass the password. Any suggestions?
Dark Roasted Junkie
http://www.psychocats.net/ubuntu/resetpassword
Cheesemill
What are you planning?
Why not just ask them for the password? Assuming they own the computers, of course.
Come to #ubuntuforums! We have cookies! | Basic Ubuntu Security Guide
Tomorrow's an illusion and yesterday's a dream, today is a solution...
5 Cups of Ubuntu
Your comment is not entirely true. While physical attacks are difficult to combat, it is not an impossible feat. I believe most people still repeat "physical = root" because it was a very popular notion a decade ago when security became "mainstream" because of our global dependence on technology. Here are some common methods a person could use to harden their system(s) against an attacker with physical access:
1) Set a supervisor password in your BIOS and remove the option to boot from removable media (flash drive, CD/DVD, etc). This in conjunction with correct OS-level access restrictions would help prevent most (common) physical attacks. I mean, if you let them run as a privileged user then they could easily circumvent this by flashing the firmware, brute forcing the password, etc. So, in a real-world situation it would be possible for an attacker to take advantage of an exploit to gain access to a super-user account and perform such actions, but this would be unlikely if you're properly maintaining your system (and the fact that if they already have super-user rights through an exploit then they would be stupid to waste their time trying to modify your boot order). You could also force users to need to know a password set within the BIOS to even boot at all if you were really worried (assuming your BIOS supports it).
2) Encrypt your entire hard drive using the Advanced Encryption Standard. Several distributions make this easy by offering to perform the task during an installation and the performance hit is a non-issue on semi-modern hardware, so there is no real reason not to utilize a technology that is specifically designed to protect your sensitive data against an attacker with direct access to it. Just be cautious when using full-disk encryption with an SSD, flash drive, etc. because of the built-in wear leveling on such devices. In a practical sense, I am sure your data would remain safe. However, when faced against a skilled forensic examiner, you might leak a lot more information than one would realize. There is a lot more to this whole sub-topic, but I won't go into it. Also, I wouldn't opt-in to use other popular ciphers (Serpent, etc) because they are not as well tested.
3) Use DDR3 memory. Cold Boot Attacks are found to only be effective on older types of memory that stored voltage over longer periods of time. DDR3 should only store enough voltage for a few seconds of data retention after the machine has been powered down (clean or unclean). I won't go into counter-measures here if you're running older memory types just because I seriously doubt you would encounter such an attack.
4) Keep your boot loader on removable media and never let it out of your sight. /boot should be the only unencrypted part of your hard disk, and you can further reduce your risk of physical attack by storing it on removable media. If you choose to store this unencrypted on your disk, then don't be surprised when you boot into a hostile environment.
5) Utilize smart cards and/or fingerprint scanners. My personal favorite is the FS88 fingerprint scanner. This can be used as a strong two-way authentication system (Something you have and something you know). Also, on an unrelated note, look into learning more about Pluggable Authentication Modules. You would be amazed at the neat things you can achieve.
6) Use common sense. Keep your machine properly updated, store off-site logs in case you ever need to deal with a disaster response and recovery scenario, heavily restrict access to guest users (far more than the guest account currently does. try to only give them access to what they need for their specific tasks and nothing else) and follow all of the other basic security principals.
There you go. Six easy steps to dramatically increase your security, even if you're dealing with someone that has physical access to the machine. If you perform all six steps correctly, then it would be very unlikely that anyone you know would be able to circumvent your restrictions. Even if they could, it would be a pain and probably not something they would invest their time into.
From now on, please don't automatically assume that physical access is the same as root access. As you can see, that simply isn't the case these days on a properly configured machine. I mean, it is more than possible to compromise a machine with physical access even if they perform all six steps, but it would not be a trivial task nor something just any attacker could achieve.
Last edited by KaosuX; April 6th, 2013 at 02:09 AM.
Dark Roasted Junkie
It's a trivial task to bypass BIOS password protection, you just need to reset the BIOS by using the motherboard jumper or removing the CMOS battery.
Either that or you just remove the drive altogether and use it in a different machine.
I think people have already mentioned that physical access = root access unless you use encryption, which is still the case.
Cheesemill
5 Cups of Ubuntu
This is true for older hardware. However, dual-BIOS chips are common when using modern hardware. One is suppose to remain "stock" so if something goes wrong with the primary chip (or settings) then the system can recover from it. However, most of them do mirror password settings so the old jumper/battery method no longer works on them. I am sure this might still be the case in a lot of situations, but the proper selection of hardware can fortify against such trivial attacks. Also, I am unsure if I failed to convey myself correctly, but I was meaning for people to take all 6 steps as a whole and not treat each individual step as a method of strong security within itself. A simple push of a button can clear your settings in an instant since that is now what newer motherboards use to replace old jumper settings, but your mileage will vary depending on the motherboard you're dealing with. That is not me trying to be argumentative, just something I have took note of when working out in the field.
Also, while I agree it would be trivial in most cases, it at the very least stops a clueless attacker from putting a LiveCD in the tray and using an automated tool to reset account passwords.
With anything security-related it is best to work in layers. That suggestion was just one layer that is the part of a whole. So, please treat it as such.
Thanks for the response, though.
What are you planning?
As Cheesemill already covered, it is trivial to reset the BIOS to get around a boot password or bios password. Some systems don't let you do that, but most of the time I have only seen that type of security in business class laptops.
Sure, encryption is one method, but what happens if someone decides to attack your machine while it is powered on and the encryption key is in memory?
Are we talking home users or business users here? The price I work at is still running Pentium 4 machines with their epic DDR memory, but new technology is not really budgeted in. Other companies might be different, but from my experience if a piece of hardware works fine, there is no reason to replace it with something newer/more advanced.
Again, home user vs business user? Storing your boot loader on a removable media sounds like a good idea, but what if you misplace the disk or thumb drive? What about booting to a livecd and installing GRUB to the main drive?
Home or business user again? I doubt a home user would be using a smartcard. They might have a fingerprint reader on a laptop or another device, but how well does it work with Linux?
I'll assume you are talking about business users, judging from tip #3, #4, #5 and #6. Are you talking about workstation or server logs? I have never seen logs stored offsite. Backups (which probably contain logs) yes, but not logs by themselves. If you have everyone running as a standard user, use apparmour or selinux and limit what those standard users have access to, you should be fine.
I can only speak for myself, but when the place I work at hired a consultant, they made them a "normal" user with access to the tools they needed. I don't really see a reason to use the guest account unless the person is actually a guest (which is highly unlikely unless you have open wifi or something).
Come to #ubuntuforums! We have cookies! | Basic Ubuntu Security Guide
Tomorrow's an illusion and yesterday's a dream, today is a solution...
Adv Reply
Bookmarks