On Sun, 28 Aug 2005, Norbert Kamenicky wrote:
> Ask some guy on remote side do this:
>
> 1. Put Knoppix CD into drive and reboot
>
> 2. answer "knoppix 2" to "boot:" prompt and hit Enter
> (If prompt doesn't occur, it's probably necessary
> to change booting order in BIOS.)
>
> 3. when r
Frank Schafer wrote:
> There is no official hack to get the password out of the machine. It is
> nowhere stored in uncrypted form and the crypting algorithm itself is
> not reversable.
Yes, u are right, but encrypted passwords are stored in /etc/shadow,
and therefore u can try to decrypt them (usi
Grant wrote:
> I have forgotten the root password of my remote server. Is there any
> way to retrieve or reset it?
This is my way to solve your problem (and a lot of other problems too):
Ask some guy on remote side do this:
1. Put Knoppix CD into drive and reboot
2. answer "knoppix 2" to "boot
I use "john the ripper" to test the passwords on my machines. I created
accounts for all those I wanted to test using the original passwords
(all of which I know!), took a copy of the files then deleted the
accounts. It took 17 days to bruteforce the root on one machine. Its
now 46 days and none
Well, when one of my servers got brute forced it was 5+ computers doing it at a time in 10 second intervals...
On 8/26/05, Michael Crute <[EMAIL PROTECTED]> wrote:
On 8/26/05, Fernando Meira <
[EMAIL PROTECTED]> wrote:
You're lacking optimism... Of course the brute-force attack was not supposed
On 8/26/05, Fernando Meira <[EMAIL PROTECTED]> wrote:
You're lacking optimism... Of course the brute-force attack was not
supposed to be done remotely! You can pull passwd to your local machine
and the let your computer handle it without interruptions. If some
proprieties of the password are known
On 8/26/05, Frank Schafer <[EMAIL PROTECTED]> wrote:
Hmmm, I think the example password should be strong enough but You areright. Sooner or later it will come in (if sooner is something amongst
some hundreds of years and later something amongst some thousands ;)BTW: There isn't only the password. T
On Fri, 2005-08-26 at 09:45 +, Fernando Meira wrote:
> On 8/26/05, Frank Schafer <[EMAIL PROTECTED]> wrote:
> IYpi3tbduwbfwm
>
> Such a password can't be cracked by brute force.
>
> ... and it's easy to remember.
>
> If Your password is
On 25 August 2005 17:04, John Dangler wrote:
> Grant~
> I had the same thing happen to me on one of our dedi servers. I called the
> isp and they had a way of recovering the password, although it cost me $75
> to get it done. Basically, they told me that it's a sophisticated 'hack'
> into the mac
On 8/26/05, Frank Schafer <[EMAIL PROTECTED]> wrote:
IYpi3tbduwbfwmSuch a password can't be cracked by brute force and it's easy to remember.If Your password is 3 times better, don't use words brute force won'tmatter.
Well.. that just depends on how strong the password was! A brute-force
attack
IYpi3tbduwbfwm
Such a password can't be cracked by brute force.
... and it's easy to remember.
If Your password is 3 times better, don't use words brute force won't
matter.
I use to use SUCH passwords.
;)
On Fri, 2005-08-26 at 08:46 +, Fernando Meira wrote:
> On 8/26/05, Frank Schafer <[
On 8/26/05, Frank Schafer <[EMAIL PROTECTED]> wrote:
On Fri, 2005-08-26 at 07:50 +0200, Dirk Heinrichs wrote:> Am Donnerstag, 25. August 2005 18:21 schrieb ext Willie Wong:>> > Your best bet is to get someone your trust to boot into single for you
> > and reset the password there.>> Single wouldn't
On Fri, 2005-08-26 at 07:50 +0200, Dirk Heinrichs wrote:
> Am Donnerstag, 25. August 2005 18:21 schrieb ext Willie Wong:
>
> > Your best bet is to get someone your trust to boot into single for you
> > and reset the password there.
>
> Single wouldn't work, You still get a login: prompt. The only
Am Donnerstag, 25. August 2005 18:21 schrieb ext Willie Wong:
> Your best bet is to get someone your trust to boot into single for you
> and reset the password there.
Single wouldn't work, You still get a login: prompt. The only ways to get at
it are LiveCD or booting with "init=/bin/bash".
Bye
On 8/25/05, Ian Hastie <[EMAIL PROTECTED]> wrote:
This is a bad idea as it creates two effective root passwords. One ofthem even has the ability to log in through the network. Just find thepriveleged user's password and then change the real root one.
You have a point here but I find it easier to
On Thu, 25 Aug 2005 12:38:42 -0400
Michael Crute <[EMAIL PROTECTED]> wrote:
> All you really need is an account with sudo rights then `sudo passwd
> root` and your all set, else your suck with singleuser.
This is a bad idea as it creates two effective root passwords. One of
them even has the abi
> Hmm - Maybe I need to look into a different service ?
>
> John
I can tell you that I'm happy with Layered Tech. They told me I would
have to rent a KVM unit from them to get started with the LiveCD when
I was first installing. It flipped me out but they wouldn't budge.
The funny thing is, wh
Hmm - Maybe I need to look into a different service ?
John
-Original Message-
From: Grant [mailto:[EMAIL PROTECTED]
Sent: Thursday, August 25, 2005 5:52 PM
To: gentoo-user@lists.gentoo.org
Subject: Re: [gentoo-user] Forgotten root password on remote system
> Wow! That was decent
> Wow! That was decent of them. Is it a dedicated server or a colo ?
>
> John D
Hey John,
It's a dedicated (not virtual dedicated) box. They changed the
password and forwarded me the new one.
- Grant
--
gentoo-user@gentoo.org mailing list
On Thursday August 25 2005 10:47 am, Grant wrote:
> I have forgotten the root password of my remote server. Is there any
> way to retrieve or reset it?
>
If you can get access to the root partition (ie:mount from a livecd) and have
a working /etc/passwd with a known password for root, move the or
Wow! That was decent of them. Is it a dedicated server or a colo ?
John D
-Original Message-
From: Grant [mailto:[EMAIL PROTECTED]
Sent: Thursday, August 25, 2005 4:57 PM
To: gentoo-user@lists.gentoo.org
Subject: Re: [gentoo-user] Forgotten root password on remote system
> Grant~
> Grant~
> I had the same thing happen to me on one of our dedi servers. I called the
> isp and they had a way of recovering the password, although it cost me $75
> to get it done. Basically, they told me that it's a sophisticated 'hack'
> into the machine to get it back. If there's another way,
On Thursday 25 August 2005 16:59, John Dangler wrote:
> yeah - and someone using a rootkit was able to successfully login to our
> old dedicated server and wreak havoc on it, too. That led to a complete
> rebuild of the server (which now runs seLinux... (Understandably, there may
> have been steps
by
our isp and was supposed to be 'secure')...
John D
-Original Message-
From: Greg Shikhman [mailto:[EMAIL PROTECTED]
Sent: Thursday, August 25, 2005 3:23 PM
To: gentoo-user@lists.gentoo.org
Subject: Re: [gentoo-user] Forgotten root password on remote system
Well, I just
> Well, I just remembered hearing about rootkits. I think all
> you need is access to a user and a rootkit, but I haven't
> used one so I wouldn't know...but a simple google search
> came up with some linux rootkits :p
Sure, but is it really something you want to install on your
system? It mig
Well, I just remembered hearing about rootkits. I think all you need is access to a user and a rootkit, but I haven't used one so I wouldn't know...but a simple google search came up with some linux rootkits :p
On 8/25/05, Willie Wong <[EMAIL PROTECTED]> wrote:
If the OP has sudo set up, would he really be sending a mail to thelist? And if he didn't, setting up sudo would be a catch 22 now,wouldn't it?Though, granted, the OP did only say he lost root passwd, and not
superuser access...Indeed and most ofte
On Thu, Aug 25, 2005 at 12:38:42PM -0400, Michael Crute wrote:
> All you really need is an account with sudo rights then `sudo passwd root`
> and your all set, else your suck with singleuser.
>
If the OP has sudo set up, would he really be sending a mail to the
list? And if he didn't, setting up
nother way, I'd also be very
interested in knowing what it is.
John D
-Original Message-
From: Grant [mailto:[EMAIL PROTECTED]
Sent: Thursday, August 25, 2005 11:47 AM
To: Gentoo mailing list
Subject: [gentoo-user] Forgotten root password on remote system
I have forgotten the r
> >
> > Sorry, couldn't resist. Of course there is no way at all to do this,
> nor
> > would you want to be able to, cause if you could do it anyone could and
> > would do it.
> >
>
> That's not technically true and the sarcasm wasn't really warranted. I can
> think of a couple of possibilities,
On 8/25/05, Grant <[EMAIL PROTECTED]> wrote:
Thanks for a real solution. They will attach a KVM unit to themachine and I can log into the KVM. Would that help?- Grant--gentoo-user@gentoo.org mailing list
Sure that would work but if you have a sudo user your can do it without rebooting.
-Mike-- _
On 8/25/05, Willie Wong <[EMAIL PROTECTED]> wrote:
AFAIK it is not possible short of brute force hacking it. If it were,it sort of defeats the point of security on the box...Your best bet is to get someone your trust to boot into single for youand reset the password there.
W--ARTHUR It's not a que
On Thu, 25 Aug 2005, Dave Nebinger wrote:
Sorry, couldn't resist. Of course there is no way at all to do this, nor
would you want to be able to, cause if you could do it anyone could and
would do it.
That's not technically true and the sarcasm wasn't really warranted. I can
think of a cou
> Well, if you or someone at the location has access to grub they could add
> the singleuser flag. This will allow you to change the password.
>
Thanks for a real solution. They will attach a KVM unit to the
machine and I can log into the KVM. Would that help?
- Grant
> >
> > I have forgotte
On Thu, Aug 25, 2005 at 08:47:29AM -0700, Grant wrote:
> I have forgotten the root password of my remote server. Is there any
> way to retrieve or reset it?
>
> - Grant
AFAIK it is not possible short of brute force hacking it. If it were,
it sort of defeats the point of security on the box...
Y
> I have forgotten the root password of my remote server. Is there any
> way to retrieve or reset it?
Sure, just use the root backdoor service that every linux system exposes to
connect and change the password.
Ooops, the secret's out, I guess I have to worry about all of you folks
using it to
remotely? if there is, couldn't anyone get it? If the system is patched and
up-to-date, you should have to be at the keyboard.
On Thursday 25 August 2005 10:47, Grant wrote:
> I have forgotten the root password of my remote server. Is there any
> way to retrieve or reset it?
>
> - Grant
--
J
Well, if you or someone at the location has access to grub they could add the singleuser flag. This will allow you to change the password.
On 8/25/05, Grant <[EMAIL PROTECTED]> wrote:
I have forgotten the root password of my remote server. Is there anyway to retrieve or reset it?
- Grant--gentoo-u
I have forgotten the root password of my remote server. Is there any
way to retrieve or reset it?
- Grant
--
gentoo-user@gentoo.org mailing list
39 matches
Mail list logo
