Date: Sat, 26 Jul 2008 13:53:27 -0400 From: Chuck Robey <chuckr@telenix.org> To: DSA - JCR <juancr@dsa.es> Cc: freebsd-questions@freebsd.org Subject: Re: Root boot/mount Password? Message-ID: <488B6497.80004@telenix.org> In-Reply-To: <3176.84.18.27.248.1217093483.squirrel@mail.dsa.es> References: <3176.84.18.27.248.1217093483.squirrel@mail.dsa.es>
next in thread | previous in thread | raw e-mail | index | archive | help
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 DSA - JCR wrote: > Hi all > > FreeBSD 6.2 > > I would like to put a password when booting/mounting mi Freebsd box. > is it possible? How? > > What I want is that if the system is rebooted or shutdown, somebody must > enter a password to boot and/or mounting "/" > > is for protecting the system from unauthorized users A couple of items here. The first is a long known rule of security, which is, if an attacker has physical access to the console, then the game is up, you can't protect it any more. This has *somewhat* been modified in the last few years, because it's a become a fairly common option in BIOSes to allow for a boot password. This too can be bypassed, pretty quickly and thoroughly, by doing a CMOS memory clear, but it IS a step in the right direction. Honestly, though, a good security strategy is to respect that rule about an attacker with physical access to the console: protect yourself physically. Yes, you can set that boot password in the BIOS (active before any OS, including FreeBSD, starts up) but don't be silly and rely on that ... protect yourself. > > > Thanks in advance > > Juan Coruņa > Desarrollo de Software Atlantico > > > > > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org" -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.9 (FreeBSD) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkiLZJYACgkQz62J6PPcoOkWkgCePG+GpCdE3XJ+g1IzXjZ9QzzT jm8An2MpTyWMnTnTvfLMCmqNhTC2GXaj =YdcO -----END PGP SIGNATURE-----
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?488B6497.80004>