Forgot root password [SOLVED]

[menotu]

Just a thought Tony (you may already of already considered it) but using something like KeePassX to store all your passwords can help when a person has forgotten a certain password. KeePassX has the added benefit of your passwords being stored in an encrypted manner.

You would then only need to remember one (KeePassX) password to look up any password you may of forgotten.

I would add that the password that accesses the KeePassX file should be super strong

Using this along with something like the LastPass browser add-on can help big time.

Additionally, both KeePassX and Lastpass can also generate very strong passwords for greater security.

KeePassX is in the repo's.

[Vorteggs]

Thanks Vortеx, done !

I am glad you sorted it.

I just did in Terminal what the other guys were saying.

So thanks should go mainly to them I think.

[Tony]

Vortеx, don't be humble 
I feel this is a Forum with great merit which may have it's ups and downs but the people who make the Forum are as professional as any I've been a member. Just trying to raise morale a bit maybe ?

You posted the commands, and freely allowed the errors to illustrate there was a little more to the commands than the old thread I dug up.

I simply took the text Doc I made to other Comp, followed your commands, and it was done. Thankyou.

@ menotu
Thankyou, yes I'm a big fan of Keypassx, initially used 'Keypass' in windows. Have used many years, highly recommend it. 

I do store all my Forum login info, and some Misc stuff, Email, etc., but generally use a notebook when Installing a System; which isn't such a great idea is it 

Basically as it was a Comp I was loaning out I should have stored the root pass in Keypassx, good advice well taken, thankyou menotu

[Tony]

I'm wondering if this info is a Security risk, and should be removed ?

[muungwana]

I'm wondering if this info is a Security risk, and should be removed ?

The best way to keep a secret is to not have the secret in the first place.

The second best way is to keep it encrypted with encryption algorithms that take theoretically thousand of years with the best resources that are currently available.

This info should not be removed,it should be out there advertised to inform people if their are data is not encrypted, its as open as open can get.

Operating system enforced security is effective only when the system is running.

A single user mode root login can be plugged since an OS is already running and OS security features can be used. Access the drive from the live cd completely makes OS security on the OS installed on the drive completely moot.

[Tony]

A single user mode root login can be plugged since an OS is already running and OS security features can be used. Access the drive from the live cd completely makes OS security on the OS installed on the drive completely moot.

Sorry muungwana, I don't get what you mean, please excuse my ignorance, what are the OS security features you speak of ? MSEC: System Security, and Audits ?

Operating system enforced security is effective only when the system is running.

If it's not running, and offline surely it's very safe ?

Reason I asked if we should delete this thread is we have shown how simple it is to create and negate a root password.

I'm no expert as a Linux user, but my understanding is that putting into use root (Admin) protections is a dynamic part of Linux security as it stops any changes to important system files, and configs, which could compromise security.

I suppose I'm asking what active security is running that protects a Linux system, other than no access because of a lack of Administrative privileges, through the root password ?

Curious as I just realised how little I know of what makes Linux so secure, besides it's very low User base in general; online.

Probably too many questions, sorry.  

[Bald Brick]

A single user mode root login can be plugged since an OS is already running and OS security features can be used. Access the drive from the live cd completely makes OS security on the OS installed on the drive completely moot.

Sorry muungwana, I don't get what you mean, please excuse my ignorance, what are the OS security features you speak of ? MSEC: System Security, and Audits ?

Operating system enforced security is effective only when the system is running.

If it's not running, and offline surely it's very safe ?

Not if the baddies have physical access to it. It's safe from attacks over the Internet. But if they can get their hands on it they can boot your system in safe mode or from a live CD, or they can move the hard drive to another computer. And then it isn't safe at all. If you want to keep some of your data more safe, you have to encrypt it. One way of encrypting it is by using muungwana's zuluCrypt. I have no idea whether that is the safest option, but it's a good option and it's very probably the easiest option. And the point is that unencrypted data are never safe.

Reason I asked if we should delete this thread is we have shown how simple it is to create and negate a root password.

Twenty seconds of googling will give any cracker the same information. But it won't give him or her physical access to your computer. And without that this information won't be very useful.

I'm no expert as a Linux user, but my understanding is that putting into use root (Admin) protections is a dynamic part of Linux security as it stops any changes to important system files, and configs, which could compromise security.

I suppose I'm asking what active security is running that protects a Linux system, other than no access because of a lack of Administrative privileges, through the root password ?

Curious as I just realised how little I know of what makes Linux so secure, besides it's very low User base in general; online.

Probably too many questions, sorry.  

[muungwana]

A single user mode root login can be plugged since an OS is already running and OS security features can be used. Access the drive from the live cd completely makes OS security on the OS installed on the drive completely moot.

Sorry muungwana, I don't get what you mean, please excuse my ignorance, what are the OS security features you speak of ? MSEC: System Security, and Audits ?

Operating system enforced security is effective only when the system is running.

If it's not running, and offline surely it's very safe ?

Bald Brick above explain in greater detail so i will do with an example, hopefully briefly.

Permission system is at the heart of a linux system but it is only effective when the system is running because thats the only time they can be enforced. Boot up from the live cd or take the drive to another computer and the permission system protection is completely none existent.

Let say you have a computer and you are sharing it with your spouse. As long as both of you boot up the computer using the OS on the computer,then they can not access files on your account(home directory) and you can not access files on their account( their home directory ).

If they do not have root access, they cant do anything that require root's privileges.The permission system is in full effect.

1. How would they gain root access without knowing root's password?
Simple.
Boot up using a live cd, browse to the root directory of the installed OS,and edit out the second entry in root's entry in "/etc/shadow" text file, boot up using the installed OS and the system has no root password!!!!!!! ..they can do as they wish with root's privileges and then simply edit back the root's password and you will be none the wiser.

In a sense, not giving your spouse root's password does not mean they can gain root's privileges without knowing it,not sharing with them your login password does not mean they cant access your home directory. You will just inconvenience them if they want to do that.

[Tony]

OK, I'm with you. Thanks Bald Brick, and muungwana.  

For a home user it's easy to think I have nothing of importance on my computer.
Bank accounts; I don't generally do online Banking, I use a debit card if I do, plus I'm poor.  

Bandwidth is important. BotNets are built out of stolen Bandwidth from people who may barely notice they have a slower Internet connection, in a subtle case.

For small Bussiness security is a real issue. Also big Business obviously. Encryption is a good idea, but Computers are so good at tedious tasks like going through every combination of numbers, words, etc.

Just a matter of time if a serious trained hacker wants in, he's (she's)  going to get in sooner or later.

Which leads nicely into a pet hate of mine; the widespread use of Computers for everything, from Government Departments, to Big Businesses, like Banks.

There should be some common sense involved balancing the convenience of having info at your finger tips, to Archiving items like back in the past, locked in a Vault on microfilm say.

At the 'root' of all this is the explosion of Technology over a hundred years ago.

Lot of changes; interesting times to be alive.