Skip site navigation (1)Skip section navigation (2)
Date:      Tue, 03 Mar 2015 10:20:25 +0100
From:      =?windows-1252?Q?Ricardo_Mart=EDn?= <fluxwatcher@gmail.com>
To:        Daniel Peyrolon <tuchalia@gmail.com>, freebsd-questions@freebsd.org
Subject:   Re: Check root password changes done via single user mode
Message-ID:  <54F57CD9.2000707@gmail.com>
In-Reply-To: <CA%2ByaQw_3JJ2tJm32or-UmSpfMFo_jCn_JD1xFw=1E9i9K2reDg@mail.gmail.com>
References:  <54F56A83.3000404@gmail.com> <CA%2ByaQw_3JJ2tJm32or-UmSpfMFo_jCn_JD1xFw=1E9i9K2reDg@mail.gmail.com>

next in thread | previous in thread | raw e-mail | index | archive | help

Indeed, that would be a way of checking the password change, but I was
more interested in whether such a change could be flagged as being
carried out from single user mode.
Or in another words whether the root's passwords has been reset
accessing the machine during the boot process.

On 03/03/15 09:50, Daniel Peyrolon wrote:
> What I would do is storing a copy of root's password hash somewhere, and
> compare it with the recent one.
> The hash can be read at master.passwd (check passwd(5)).
>
> El mar., 3 de marzo de 2015 a las 9:02, Ricardo Martín (<
> fluxwatcher@gmail.com>) escribió:
>
>> hi all,
>>
>> wondering which would be the best approach to script check if the root
>> password has been changed via single user mode.
>>
>> tia
>>
>>
>>
>> _______________________________________________
>> freebsd-questions@freebsd.org mailing list
>> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
>> To unsubscribe, send any mail to "freebsd-questions-
>> unsubscribe@freebsd.org"
>>





Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?54F57CD9.2000707>