--- Binand Sethumadhavan <[EMAIL PROTECTED]> wrote:
> On 24/11/05, Vijairaj <[EMAIL PROTECTED]> wrote:
> > If you append "init=/bin/bash" to the kernel command line, you will
> > land up in a bash shell, from where the root password can be reset.
>
> This leads to an open question.
>
> You have lost the root password of a given server. Unfortunately:
>
> 1. You have a password (the same password that you lost) set in your
> lilo.conf, and the "restrict" keyword too.
> 2. You have set the BIOS to boot from HDD first and set a password
> there (again, the one that you lost).
> 3. Access to the box is difficult or impossible; say it is in a
> colocation center on the other side of the globe. The best you can
> have is the colo support staff rebooting the box.
> 4. Reinstalling is not an option - you have several man-years worth
> of
> data on the box, which you have to preserve. Your business cannot
> survive a downtime of more than 15 minutes, say. At the moment, the
> box is running - thank god for that! :)
>
> On the plus side, you have a serial console and the BIOS also
> understands that (ie, you can access the BIOS in the serial console).
>
> What do you do?? And further, what steps would you have taken
> beforehand to prevent such a situation from happening? Assume all the
> above measures were required for some kind of compliance.
I think it boils down to who manages the physical box.
1. Shared/dedicated servers are controlled by the data center guys
including replacing faulty hard disks. In such cases you should not be
the person to know the BIOS password - those guys should and they
should be able to change BIOS setting temporarily if required.
2. Collocated servers specifically imply someone technically savy is
within phyiscal proximity of the data center. You can not run a
collocated server sitting on the other side of the globe.
Few more thoughts on this being:
1. I donot believe there are any laws which says all of the above
passwords are to be the same. I would think it is a very serious
mistake on the password owner's part.
2. Most servers in data centers have two root passwords - one owned by
the client and one owned by the data center guys. You can always ask
them to reset the root password for your userid.
End of the day if so many things have gone wrong in one day rest
assured you wont get anything out of this box that day ;)
Mithun
__________________________________
Start your day with Yahoo! - Make it your home page!
http://www.yahoo.com/r/hs
-------------------------------------------------------
This SF.net email is sponsored by: Splunk Inc. Do you grep through log files
for problems? Stop! Download the new AJAX search engine that makes
searching your log files as easy as surfing the web. DOWNLOAD SPLUNK!
http://ads.osdn.com/?ad_id=7637&alloc_id=16865&op=click
_______________________________________________
linux-india-help mailing list
linux-india-help@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/linux-india-help
