[Video tutorial] Linux password recovery - Linux
This is a discussion on [Video tutorial] Linux password recovery - Linux ; [Video tutorial] Linux password recovery
Personal blog : http://reza.behroozi.info
Persian site : http://www.persianadmins.com - www.admins.ir -
English site : http://en.persianadmins.com - www.en.admins.ir...
[Video tutorial] Linux password recovery
Re: [Video tutorial] Linux password recovery
> [Video tutorial] Linux password recovery
Yes that's right, we could always reset the password in this way. It is not
however, password recovery, because you do not get told what the previous
password was, it is a means to reset the password.
Is it safe?
Well yes it is, because of course your servers are locked away and only
admin or authorized personel have access to them. erm, your servers are
locked away aren't they? You haven't got them out on a desk somewhere have
you where any passing stranger could simply pick it up and carry it out?
Is it necessary?
Yes. Because on any system there is always a risk that a volume or drive
will die, if that happens to be the volume where etc/passwd or shadow is,
then without being able to get in and after recovering the volume, then if
necessary 'reset' the root password, then you could find yourself in
trouble, particularly if you are sitting at the root of an nis system.
Then too there is the IT person who was run over by a bus but hadn't yet
gotten round to writing down the new root password and popping it into the
company safe. Ok, hands up, we have all done it, no no I don't mean we have
all been run over by a bus, I mean we have all gone the odd week or two
meaning to pop the new password into the safe but not quite getting around
A password reset system is a necessary thing, you could do it a quicker
easier way with a Live Linux by the way, use something that boots fast such
as damn small linux, edit your system to no root password, boot up again
and then set it.
Re: Linux password recovery
On Dec 4, 5:31 am, BearItAll wrote:
> reza.behro...@gmail.com wrote:
> > [Video tutorial] Linux password recovery
> A password reset system is a necessary thing, you could do it a quicker
> easier way with a Live Linux by the way, use something that boots fast such
> as damn small linux, edit your system to no root password, boot up again
> and then set it.
If you have physical access to the hard drive, so it can be removed
from the computer you can reset the root or any other password
in the /etc/shadow file. If the password is weak, you can probably
crack the hash to get it. In any case if you have the HD in your hand
you can read the files on it without a password unless the files or
partition are encrypted. By definition the /stc/shadow file cannot be
encrypted (except for the hashes) since this would be like burying the
map with the treasure.