Date: Sat, 3 Oct 2015 00:14:44 +0200 From: Polytropon <freebsd@edvax.de> To: "Moreno Carullo" <moreno.carullo@nozominetworks.com> Cc: "freebsd-questions@freebsd.org" <freebsd-questions@freebsd.org> Subject: Re: Console -- insecure settings Message-ID: <20151003001444.20266a03.freebsd@edvax.de> In-Reply-To: <op.x5voaws7g7njmm@workstation> References: <C7226F48-6CAB-4C42-A0F9-33A306B1EF16@nozominetworks.com> <20151002112101.GA95004@eris.bzerk.org> <op.x5voaws7g7njmm@workstation>
next in thread | previous in thread | raw e-mail | index | archive | help
On Fri, 02 Oct 2015 14:14:42 +0200, Michael Ross wrote: > Am .10.2015, 13:21 Uhr, schrieb Ruben de Groot <mail25@bzerk.org>: > > > On Fri, Oct 02, 2015 at 10:32:48AM +0000, Moreno Carullo typed: > >> Hi all, > >> > >> I would like to set the console as insecure as documented here: > >> https://www.freebsd.org/doc/handbook/boot-introduction.html > >> > >> the issue is that the system seems to ignore the setting, as the single > >> user mode does NOT prompt for password. > > > > I think the documentation is wrong, because /etc/ttys is read by init, > > and init doesn't run in single user mode. > > Single user mode means /bin/sh replaces init. > > I tried this here just now, and having set "console" to "insecure", > the system prompts for the root password as documented. > > 10.1-RELEASE-p10 In worst case, check out "man 5 loader.conf" on how to require an earlier-stage password (for the boot loader); see the "password" and "bootlock_password" options for /boot/loader.conf. -- Polytropon Magdeburg, Germany Happy FreeBSD user since 4.0 Andra moi ennepe, Mousa, ...
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20151003001444.20266a03.freebsd>