Skip site navigation (1)Skip section navigation (2) 
Date:      Wed, 22 Nov 2006 00:45:15 -0600
From:      "Jeff Hinrichs - DM&T" <jeffh@dundeemt.com>
To:        VeeJay <maanjee@gmail.com>
Cc:        freebsd-questions@freebsd.org
Subject:   Re: Password Security
Message-ID:  <5aaed53f0611212245v2f194531q569ab17a9bac1d6e@mail.gmail.com>
In-Reply-To: <20061121225903.fswba3d1uss8wgos@secure.rem1tech.com>
References:  <2cd0a0da0611211941iae07787q3f433fb2c8ab1f22@mail.gmail.com> <20061121225903.fswba3d1uss8wgos@secure.rem1tech.com>
next in thread | previous in thread | raw e-mail | index | archive | help 
On 11/21/06, Russell E. Meek <rmeek@rem1tech.com> wrote:
> Quoting VeeJay <maanjee@gmail.com>:
>
> > Hi
> >
> > I need to secure my data and server. Any advice will be highly appreciated.
> >
> > I am going to place my FreeBSD server at a shared place?
> >
> > I am just afraid that any unauthorized person might boot machine in single
> > user mode and steal the data?
> > How can I make my Server secure that if if boots in single user mode, it
> > still demands the password and without password one cannot do anything?
> > or make it possible that booting in Single user mode, doesn't provide any
> > shell?
> >
> > Thanks in advance
> >
> > --
> >
> > BR / vj
> > _______________________________________________
> > freebsd-questions@freebsd.org mailing list
> > http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> > To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org"
>
> BR,
>
> Edit /etc/ttys and look for the following line:
>
> # If console is marked "insecure", then init will ask for the root password
> # when going to single-user mode.
> console none                            unknown off secure
>
> Change "secure" to "insecure" (no quotes) this will require the root
> password to be entered when booting into Single User Mode.
>
>
> Thanks,
>
> Russ
>
>
>
> _______________________________________________
> freebsd-questions@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org"
>
If the box isn't physically secured then this is just blowin in the
wind.  Short of fully encrypted disks that require a token/password at
boot, there isn't any security in this kind of environment.

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?5aaed53f0611212245v2f194531q569ab17a9bac1d6e>