From owner-freebsd-questions Thu Jun 25 06:35:55 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id GAA09242 for freebsd-questions-outgoing; Thu, 25 Jun 1998 06:35:55 -0700 (PDT) (envelope-from owner-freebsd-questions@FreeBSD.ORG) Received: from ns.insolwwb.net (root@ns.insolwwb.net [206.31.149.200]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id GAA09237 for ; Thu, 25 Jun 1998 06:35:52 -0700 (PDT) (envelope-from mgrommet@insolwwb.net) Received: from work2.insolwwb.net (work2.insolwwb.net [208.150.248.12]) by ns.insolwwb.net (8.8.7/8.7.3) with SMTP id IAA15108; Thu, 25 Jun 1998 08:27:35 -0500 (CDT) Message-ID: <009f01bd9fd9$ae16eea0$0cf896d0@work2.insolwwb.net> From: "Mike Grommet" To: "Roman Katsnelson" Cc: Subject: Re: root passwd Date: Wed, 24 Jun 1998 20:36:30 -0500 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 4.72.3110.5 X-MimeOLE: Produced By Microsoft MimeOLE V4.72.3110.3 Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Its not often I can answer a question, but hey, every now and then I get lucky. >Eek! I forgot the root password! > >Well, actually I didn't forget it, I set it, but then the system sorta >crashed and now it doesn't recognize it anymore. So I went to the FAQ >and it said to do this: > >(boot up in single user mode) > >mount -u / >passwd root >mount -a >exit > >i have two things about this: > >a)it doesn't work -- i get a "passwd not found" command -- anything I >can do except reinstall from scratch? (full system from FTP -- i'd >rather not :-) > you are going to have to mount /usr as well since passwd is in /usr/bin according to my 2.2.5 distrib machine... mount your /usr partition and then execute /usr/bin/passwd also when you mount your / partition make sure that you mount it read-write otherwise when it goes to change the password, it wont be able to write to the file. >b) if it DOES work -- itsn't it a serious security issue that anyone >with the access to the FAQ (which is every literate person in the >world!) can get root password? i know that it's probably not, but i >would just like to be explained WHY not, if possible. Well, its usually assumed that the console is secure. This ability is only available from the console. Sure its a problem if your machine is not in a safe place, but if you dont want someone to screw with it in general (if the machine is _important_ vs a machine you are playing around with), then you really should put it in a safe place. While it could be considered a little bit of a security risk, it sure beats having to reinstall the entire OS simply because your root passwd got hosed... Mike Grommet System Admin, and all around nice guy Internet Solutions, Inc. mgrommet@insolwwb.net To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message