From owner-freebsd-questions@FreeBSD.ORG Wed Nov 22 06:45:23 2006 Return-Path: X-Original-To: freebsd-questions@freebsd.org Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id DA81716A500 for ; Wed, 22 Nov 2006 06:45:23 +0000 (UTC) (envelope-from dundeemt@gmail.com) Received: from nf-out-0910.google.com (nf-out-0910.google.com [64.233.182.184]) by mx1.FreeBSD.org (Postfix) with ESMTP id B8EF743D68 for ; Wed, 22 Nov 2006 06:44:50 +0000 (GMT) (envelope-from dundeemt@gmail.com) Received: by nf-out-0910.google.com with SMTP id x37so411602nfc for ; Tue, 21 Nov 2006 22:45:16 -0800 (PST) DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:message-id:date:from:sender:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references:x-google-sender-auth; b=OxWlexxOjLLVPjsoBMiIzZaEKO2p5ljrbQ6Vjw5lczm9KMkM3FACllSIqiKyOT19AoRLmRYS0jP+tiQo6YghkqcLF/Re9ueC+9kS9ffjOyGVxHe6ePntJzRYEMsJRLAUbW8EHs0D7/v1WWAPyGfKNbx/MaHvLSktcyVS+YpOIhs= Received: by 10.82.135.13 with SMTP id i13mr1182411bud.1164177916177; Tue, 21 Nov 2006 22:45:16 -0800 (PST) Received: by 10.82.108.18 with HTTP; Tue, 21 Nov 2006 22:45:15 -0800 (PST) Message-ID: <5aaed53f0611212245v2f194531q569ab17a9bac1d6e@mail.gmail.com> Date: Wed, 22 Nov 2006 00:45:15 -0600 From: "Jeff Hinrichs - DM&T" Sender: dundeemt@gmail.com To: VeeJay In-Reply-To: <20061121225903.fswba3d1uss8wgos@secure.rem1tech.com> MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Content-Disposition: inline References: <2cd0a0da0611211941iae07787q3f433fb2c8ab1f22@mail.gmail.com> <20061121225903.fswba3d1uss8wgos@secure.rem1tech.com> X-Google-Sender-Auth: 80a145ee932674fb Cc: freebsd-questions@freebsd.org Subject: Re: Password Security X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 22 Nov 2006 06:45:23 -0000 On 11/21/06, Russell E. Meek wrote: > Quoting VeeJay : > > > Hi > > > > I need to secure my data and server. Any advice will be highly appreciated. > > > > I am going to place my FreeBSD server at a shared place? > > > > I am just afraid that any unauthorized person might boot machine in single > > user mode and steal the data? > > How can I make my Server secure that if if boots in single user mode, it > > still demands the password and without password one cannot do anything? > > or make it possible that booting in Single user mode, doesn't provide any > > shell? > > > > Thanks in advance > > > > -- > > > > BR / vj > > _______________________________________________ > > freebsd-questions@freebsd.org mailing list > > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > > To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org" > > BR, > > Edit /etc/ttys and look for the following line: > > # If console is marked "insecure", then init will ask for the root password > # when going to single-user mode. > console none unknown off secure > > Change "secure" to "insecure" (no quotes) this will require the root > password to be entered when booting into Single User Mode. > > > Thanks, > > Russ > > > > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org" > If the box isn't physically secured then this is just blowin in the wind. Short of fully encrypted disks that require a token/password at boot, there isn't any security in this kind of environment.