How to reset lost root password

niti,

I also want to point out that it is important for an OS to allow its root/admin password to be reset in the event of an emergency (assuming the user has *physical* access to the PC).

If this did not exist, and you lost your root, GRUB and/or BIOS passwords, you would have a twenty-pound paper weight.

Quote:

Originally posted by anomie@Apr 11 2005, 05:28 AM
niti,

I also want to point out that it is important for an OS to allow its root/admin password to be reset in the event of an emergency (assuming the user has *physical* access to the PC).

If this did not exist, and you lost your root, GRUB and/or BIOS passwords, you would have a twenty-pound paper weight.

[snapback]82394[/snapback]

.

In my opinion, This is root's password and should not forgotten and reseted. You would agree or would not agree with me concerning this case, I respect your opinions at all case.
Solve: One can be save it on paper and can keep it in a secret place.


In the meantime , is it Siberia wolf. I love them.

She is a samoyed, actually. Named "Tina." She lives with my wife and I in a tiny apartment, and she is very well behaved (usually).

Quote:

Originally posted by niti@Apr 11 2005, 05:00 PM
.

In my opinion, This is root's password and should not forgotten and reseted. You would agree or would not agree with me concerning this case, I respect your opinions at all case.
Solve: One can be save it on paper and can keep it in a secret place.
In the meantime , is it Siberia wolf. I love them.

[snapback]82494[/snapback]

A password saved on paper is NOT secure. In fact most would argue that is even less secure.

Example - it is now easily found or discovered. A person can read it and memorise it. You would not even know..

But at the end of the day, an OS with no way in for an admin is worse then useless. For example, what if your sysadmin is killed in an unexpected accident? What firm is going to be happy with all the data locked away and unretreivable?

At the end of the day you can circumvent any security feature you can think off. In fact, you can have too much security in a way - securing a box so YOU can't get in is an example.

Security is a balance between functionality and safety. There are plenty of tools available on the net for most OS'es to get in if you have physical access. As a result, you have to look beyond software and look towards locking up your hardware.

(as an aside niti i was a sysadmin for several years. Most firms have hardware locked away and several redundant layers of security. But no matter how well you plan, something unexpected WILL happen - Murphy's law)

Quote:

For example, what if your sysadmin is killed in an unexpected accident?

Exactly. Or, for that matter, what if he gets a better job offer and leaves without notice? The company would be at his mercy just to get access to their own data.

hmmm....
I wonder if niti heard about toor login?

-The paper on which the password is written can be kept in safety box.
-Can be talk with sysadmin and tell him that let give us the root password too.
-Make a legal contract with him/her about these issues thinking that if he/she would rather go to another company to work, he/she should tell the password to company. Then, change password.

We have many practical solutions.

1 -2 ... Devastasting fire hits the company. Although the server is recovered, the area storing the password is destroyed. The sysadmin is killed during the fire

What do you do.

3. How do you FORCE someone to reveal a password?

We can do this ad infinitum. At the end of the day, you need some access to a box physically. Even OpenBSD recognises that

niti,
all that is quite theoretical:
In any secure environement servers are located in the room with limitied access and closed cabinets.
If one would keep sensitive data on the paper, he would be fired instantly. The above method is more efficient/secure than any "paperology"

Again: you may have your password on the paper, as long as I have direct access to the box I actually don't care where you keep password.