Feris Thia wrote: > Hi All, > > I've heard that root access can be recovered if we forget the password > or something causes authentication failed. How is that done ? > > And if so... I want it to be completely unrecoverable.. How can I do that ? > > Thanks, > The only way to recover the root password it to do something like a dictionary or brute force attack on /etc/shadow. What can be done is to boot the system in the single use mode, or off a rescue CD, and change the root password. Ways to prevent it: Require a password to boot into the single user mode. Disable boot from anything except the hard drive, and password protect the BIOS. Also physically protect the machine so that someone can not remove the hard drive, and place it in another machine. Encrypt the hard drive on the machine. The thing is, if a person has physical access to the machine, and know what they are doing, they can get the information off of it sooner or later. All you can do is make it more work then the information is worth. Mikkel -- Do not meddle in the affairs of dragons, for thou art crunchy and taste good with Ketchup!
