Linux-Setup Digest #337, Volume #19               Sun, 6 Aug 00 23:13:07 EDT

Contents:
  Re: BIG mistake: Root Password forgotten ("D. C. & M. V. Sessions")
  Re: pppd rejects "auth chap MD5" (Clifford Kite)
  Re: BIG mistake: Root Password forgotten (Ron Gaw)
  newbie DHCP ("KT")
  Re: Partitioning a 15GB Hard drive? ([EMAIL PROTECTED])
  How to find unresolved ref's in a xxx.o that Techworks gave me please ("Ian Turnbui")
  Re: Newbie - fetchmail "SMTP connect to local host failed" (Guy White)
  Re: FTP Problem with 7.1 ("Mark Livingstone")
  password shadowing mistake (Michael)
  Re: *very* slow FTP behaviour on Linux (Eugene Strulyov)
  RedHat 6.0: "Permission denied" as root? (Andy Kinsey)
  Re: very newbie needs help! PLEASE. ([EMAIL PROTECTED])
  Re: Partitioning a 15GB Hard drive? (E J)
  Re: How to create more /dev/loop devices? (Raj Wurttemberg)
  Re: partitioning q (Michael Mitchell)
  Re: BIG mistake: Root Password forgotten ("David ..")
  Re: BIG mistake: Root Password forgotten
  Re: How to create more /dev/loop devices? (Manfred Bartz)

----------------------------------------------------------------------------

From: "D. C. & M. V. Sessions" <[EMAIL PROTECTED]>
Subject: Re: BIG mistake: Root Password forgotten
Date: Sun, 06 Aug 2000 17:09:18 -0700

Stephen Biggs wrote:
> 
> [EMAIL PROTECTED] (Andy Kinsey) wrote in
> <[EMAIL PROTECTED]>:
> 

> >This is straight out of my RedHat Linux Secrets book:
> >1. At the LILO prompt, type the following:
> >
> >                linux single
> >
> >2. at the bash# prompt, type the following:
> >
> >                passwd
> >
> >3. change the password and re-boot normally.
> 
> This is so secure, no?  This means that if anybody has access to your
> physical box, they can become root with very little trouble?  How do you
> defeat this?
> 
> I would be willing to live with the fact that if I lost my root password I
> should be punished by having to reformat the disk, or at least re-
> install the OS... that's what you have to do in NT if you lose the
> Administrator's password (unless you can hack it).

Security through obscurity strikes again.
As long as you have access to the physical system, any pretense
of real security is just that.  At worst, someone can just
open the box up and take the drive to another one.  The data
*will* be exposed or altered.

NT pretends to make the data inaccessible through the miracles
of the NTFS file system.  Which just means that you don't use
NT to admin around in an NTFS system; you use Linux or some
non-MS software that doesn't have the papier-mache' vault doors
that NT pretends to have.

-- 
| Bogus as it might seem, people, this really is a deliverable       |
| e-mail address.  Of course, there isn't REALLY a lumber cartel.    |
| There isn't really a tooth fairy, but whois toothfairy.com works.  |
+----------- D. C. & M. V. Sessions <[EMAIL PROTECTED]> ----------+

------------------------------

From: Clifford Kite <[EMAIL PROTECTED]>
Crossposted-To: comp.os.linux.networking
Subject: Re: pppd rejects "auth chap MD5"
Date: Sun, 6 Aug 2000 17:54:21 -0500

Kyler Laird <[EMAIL PROTECTED]> wrote:
> I'm out of town and having trouble connecting with AT&T.  At home,
> the POP is an old IBM system.  It handles SLIP and does PPP with PAP.
> The system I'm trying to use now appears to be something else and
> only wants to do PPP with CHAP MD5.

> I set up my chap-secrets file to be the same as my
> pap-secrets, but when I try to connect, I get
>       Aug  6 15:00:32 pia00 pppd[1330]: sent [LCP ConfReq id=0x1 <asyncmap
>       0x0> <magic 0xb15d85f6> <pcomp> <accomp>]
>       Aug  6 15:00:32 pia00 pppd[1330]: rcvd [LCP ConfAck id=0x1 <asyncmap
>       0x0> <magic 0xb15d85f6> <pcomp> <accomp>]
>       Aug  6 15:00:32 pia00 pppd[1330]: rcvd [LCP ConfReq id=0x1 <mru
>       1500> <asyncmap0x0> <auth chap MD5> <pcomp> <accomp>]
>       Aug  6 15:00:32 pia00 pppd[1330]: sent [LCP ConfRej id=0x1 <auth
>       chap MD5>]
>       Aug  6 15:00:33 pia00 pppd[1330]: Hangup (SIGHUP)
>       Aug  6 15:00:33 pia00 pppd[1330]: Modem hangup

> What's up?  I read that Linux pppd should be able
> to handle CHAP MD5 without any problems.  Am I
> missing something obvious?  I've tried using kppp

Maybe.  Have you configured pppd with CHAP for authenticating to
the peer?

For that you need the pppd option "user YourISPusername" and the
chap-secrets file configured with the line

YourISPusername     *      YourISPpassword

with the obvious substitutions for YourISPusername and YourISPpassword.

You also can't have either of the pppd options -chap or
refuse-chap.

-- 
Clifford Kite <kite@inet%port.com>                  Not a guru. (tm)
/* The wealth of a nation is created by the productive labor of its
 * citizens. */
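
The three conditions listed in the reply above (a chap-secrets line for the user, the "user" option, and no -chap or refuse-chap), written as a shell lint. This is an added example, not part of the original post and not pppd code. The function name, the sample file contents and the exact-match-only handling of the client field are assumptions made here.

```shell
#!/bin/sh
# Added example, not pppd code: a simplified lint for the conditions named
# in the reply above. Prints one line per problem; returns 0 if none.
# Usage: chap_client_lint USER CHAP_SECRETS_FILE PPPD_OPTIONS_FILE

chap_client_lint() {
    user=$1 secrets=$2 options=$3

    awk -v u="$user" '
        function unquote(s) { gsub(/^"|"$/, "", s); return s }
        { sub(/#.*/, "") }                  # drop comments
        NF == 0 { next }                    # skip blank lines
        FILENAME == ARGV[1] {               # chap-secrets: client server secret
            if (NF >= 3 && unquote($1) == u) have_secret = 1
            next
        }
        # Everything below applies to the pppd options file.
        $1 == "user" && unquote($2) == u     { have_user = 1 }
        $1 == "refuse-chap" || $1 == "-chap" { refused = $1 }
        END {
            if (!have_secret) {
                print "chap-secrets: no line with client " u; bad = 1
            }
            if (!have_user) {
                print "options: missing \"user " u "\""; bad = 1
            }
            if (refused != "") {
                print "options: " refused " tells pppd to refuse CHAP"; bad = 1
            }
            exit bad + 0
        }' "$secrets" "$options"
}

# Constructed sample files using the placeholder names from the reply above.
demo_dir=$(mktemp -d)
printf '%s\n' '# client  server  secret' \
    'YourISPusername  *  YourISPpassword' > "$demo_dir/chap-secrets"
printf '%s\n' 'noauth' 'defaultroute' 'refuse-chap' > "$demo_dir/options"
chap_client_lint YourISPusername "$demo_dir/chap-secrets" "$demo_dir/options" \
    || echo "lint found problems"
rm -rf "$demo_dir"
```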

------------------------------

From: Ron Gaw <[EMAIL PROTECTED]>
Reply-To: [EMAIL PROTECTED]
Subject: Re: BIG mistake: Root Password forgotten
Date: Mon, 07 Aug 2000 01:24:56 -0700

Bit Twister wrote:
> 
> When you see the lilo prompt, hit the Tab key, then
> linux 1     or    linux single
> 
> when you get to the prompt, do a,
> passwd root
> new_pw_here
> ver_pw_here
> 
> /bin/shutdown -r now
> 
> On Sun, 06 Aug 2000 23:27:03 -0700, Ron Gaw <[EMAIL PROTECTED]> wrote:
> >I believe I am in trouble.  I have forgotten my system's ROOT password.
> 
> < snipped a lot of stuff >
> 
> --

Thank you!  Here I thought it would be a problem.  However, reading this
and later messages, I understand:

        a:  This works, but is not my idea of security
        b:  All the more reason to find new security models for the actual
            data on a drive (i.e. encryption) if you really want to protect
            it from prying eyes, if not necessarily protecting it from
            being destroyed.

Ron

------------------------------

From: "KT" <[EMAIL PROTECTED]>
Subject: newbie DHCP
Date: Mon, 07 Aug 2000 00:36:18 GMT

I installed dhcp on my linux server and at boot time the OS tells me that
"there is no declaration for eth1 (0.0.0.0)".

My dhcp.conf file looks like the following:

# Define global values that apply to all systems
server-identifier 10.0.0.240;
default-lease-time 86400;
option subnet-mask 255.0.0.0;
option domain-name-servers 10.0.0.240;
option domain-name "tarrance.com";

#Identify range of address
subnet 10.0.0.0 netmask 255.0.0.0 {
     option routers 10.0.0.240;
     option broadcast-address 10.255.255.255;
     range 10.0.0.19 10.0.0.100;
}

I would appreciate any help.  Thank you.

Kelvin



------------------------------

From: [EMAIL PROTECTED]
Subject: Re: Partitioning a 15GB Hard drive?
Date: 7 Aug 2000 00:50:35 GMT

I'm a little confused as to what you're saying.  

So make the /boot = 8GB approx?

What about the other 7GB?

The computer is a P166MMX, 48MB RAM, 15GB HD.


E J <[EMAIL PROTECTED]> wrote:
: Try this as a first step and if you want to add, change the partitions when
: your needs change use something like Partition Magic.
: We always change the partition according to your needs, but what do you know
: what you need?

: /boot - 16 Mbyte within the 1024 cylinder.
: / -stuff else in here.
: swap - the same size as your RAM memory.

------------------------------

From: "Ian Turnbui" <[EMAIL PROTECTED]>
Subject: How to find unresolved ref's in a xxx.o that Techworks gave me please
Date: Mon, 7 Aug 2000 02:14:35 +0100

Yes folks,
I'm still struggling with trying to get my PCMCIA card working. The .o files
that techworks gave me have unresolveds in them according to running the
depmod program when I re-build my PCMCIA drivers. Can anyone tell me if
there is a tool that will show me the names of the unresolveds?
TIA

Ian Turnbull
0961 931941
mailto:[EMAIL PROTECTED]
Web  : www.turnbui.freeserve.co.uk




------------------------------

From: [EMAIL PROTECTED] (Guy White)
Subject: Re: Newbie - fetchmail "SMTP connect to local host failed"
Date: Mon, 07 Aug 2000 01:07:56 GMT

JR <[EMAIL PROTECTED]> posted: 
> It took me a while to get fetchmail working, but there is another problem now.
> After setting up .fetchmailrc everything went smooth.
> Logging in, no problem. Finding mail, no problem.
> Getting it back, no way. Error SMTP connect to local host failed.
> And I can't find it in the man pages.
> Am I supposed to set up some sort of a mail server?
> Something missing in the .fetchmailrc?
> Also using Kmail, and that is working ok.
> SuSE 6.4 with KDE.
> Help much appreciated.

It would help if you had your .fetchmailrc posted but I suspect that
all you need is a handoff to a mail delivery agent. I bypass my MTA
and handoff to procmail to filter and place mail in respective boxes.

In your .fetchmailrc you can add the line:

mda 'procmail -d username' (replace "username")

Depending on how many remote hosts you poll and where you want the
mail placed governs where you put the mda line(s). This variable can
be changed anywhere within the file. If you want mail from one host
account to be copied into 2 user mailboxes use..

mda 'procmail -d username1 username2' 

....at the beginning of the script and change this variable as
needed. I did the best I could to explain what little I know, hope it
helped!

------------------------------

From: "Mark Livingstone" <[EMAIL PROTECTED]>
Crossposted-To: alt.os.linux.slackware,comp.os.linux.networking
Subject: Re: FTP Problem with 7.1
Date: Mon, 07 Aug 2000 01:13:44 GMT

do not install BERO or any shit like that. either patch and use wu-ftpd or
get yourself a latest version of PROFTPD, so far the most secure server for
linux.

what are your firewall rules?

"Scott Weber" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
> I just installed 7.1.
>
> I already have running: NT, '95, Slackware 3.5.  All on a single
> hub, all in a 192.168.2.x network.
>
> From 7.1, I type FTP <3.5 box>... it says connected, then it hangs
> CTRL-C doesn't even do anything.
> From WIN NT, I FTP to <3.5 box>, everything is fine.
>
> From WIN NT I ftp to <7.1 box>, it hangs until timeout.
>
> In _ALL_ cases, ftp says "Connected to blah-blah"  but stops there,
> and doesn't show the splash screen.
>
> In short, I can't FTP into or out of the new box., but it does say
> that connections are made.
>
> The ..log/messages file just shows me:
> FTP Connection from 192.168.2.1...
> Timeout on 192.168.2.1  Dropped...
> (i.e. It doesn't actually show me anything useful)
>
> Yes, I can telnet in/out, ping, and samba is working.
>
> I am finding this rather annoying.  Can ANYONE shed some light
> on this?
>
> -Scott Weber
> [EMAIL PROTECTED]



------------------------------

From: Michael <[EMAIL PROTECTED]>
Subject: password shadowing mistake
Date: Mon, 07 Aug 2000 01:37:39 GMT

Hi,
during install I said I didn't want Pword shadowing. Now I do. How do I
correct this in newbie terms? thanks,
--Michael-


------------------------------

From: Eugene Strulyov <[EMAIL PROTECTED]>
Crossposted-To: comp.os.linux.networking
Subject: Re: *very* slow FTP behaviour on Linux
Date: Mon, 07 Aug 2000 01:42:17 +0000

possibly one of the network cards is broken. I've seen this happen


Paul King wrote:

> I have two machines that are joined together by a twisted pair.
> Their networks *appear* to have been set up properly, (ping and
> telnet work), but FTP is abysmally slow (< 1k/sec) between these
> two machines.
>
> One machine ("A") is hooked up to the Internet, and the other
> ("B") is hooked up to the first machine.  FTP download speed
> from  A to the internet are reasonable, while FTP speeds
> between A and B are slow.
>
> Machine "A" is running RedHat 6.2 (kernel 2.2.14), and "B" is
> running Corel Linux 1.1 (kernel  2.2.14). I observed that Corel
> appears to be running a different FTP daemon.
>
> Paul King


------------------------------

From: Andy Kinsey <[EMAIL PROTECTED]>
Subject: RedHat 6.0: "Permission denied" as root?
Date: Sun, 06 Aug 2000 22:01:58 -0400

I have had a few cases where I tried to run an installation program or
script while logged in as root, and I got "permission denied." Does
anyone have an idea why that is? I realize this is a pretty vague
description of the problem, but I don't even know where to begin
looking. Any help would be appreciated.

Thanks.

Andy




------------------------------

From: [EMAIL PROTECTED]
Subject: Re: very newbie needs help! PLEASE.
Date: Mon, 07 Aug 2000 01:53:03 GMT

In article <[EMAIL PROTECTED]>,
  ray <[EMAIL PROTECTED]> wrote:
> [EMAIL PROTECTED] wrote:
> Weeel I bought the book that you said the redhat bible, had a heck of
a time finding it, also purchased linux suse while I was at it. good to
know almost none of my hardware is compatible soundcard/integrated
with modem rockwell hehe. printer not compliant so basically I have
plenty of time to read on the OS instead of playing with it.. Thanks
for the help. I will be back soon I'm sure. hehe.. Thanks guys.
> > My question is what book is best for configuring redhats 6.1 kde.
> > I've printed a few howto's but either permission is denied or the
> > file doesn't exist. I understand that linux is one giant file system
> > but does that mean to load modules I have to make new directories.
> > Just one of many questions I have. Any help would be appreciated,
> > because as linux is freely distributed in some instances information
> > is not as I've noticed in chatrooms with the sarcasm that goes on
> > when someone doesn't know something.
> > thanks for any help on this issue.
> >
> > Sent via Deja.com http://www.deja.com/
> > Before you buy.
>
> wb2rxf de wa4ajy..  The books suggested by Dale are excellent. May I
> call your attention to places, like, perhaps, www.linuxnewbie.org.
> Also, there are literally many thousands of linux pages on the web,
> the majority of which are for newbies. On IRC, in #linux, if you
> encounter attitudes, try another server. MOST people playing with
> linux really, really, try to help others join the fun. We have a few
> who don't, thankfully they are rare.  Also, I pass along, some of the
> #linux channies are on very advanced levels, people who are working
> on projects, etc. and they are not nearly as receptive to "How do I
> cat two files together" type questions. One of MY barriers to linux
> was the man pages. They seem really cryptic, at first, but there's a
> "feel" to them, and once that's comfortable, they are your friends.
> Sincere good luck, my friend, and 73's
> Ray
>
> --
> Ray R. Jones
> [EMAIL PROTECTED]
> HTTP://gordo.penguinpowered.com
> Ray's Linux gordo.penguinpowered.com 2.4.0-test2
>
>



------------------------------

From: E J <[EMAIL PROTECTED]>
Subject: Re: Partitioning a 15GB Hard drive?
Date: Sun, 06 Aug 2000 19:14:25 -0700

The /boot should be a small partition 16MB at the beginning of the hard disk.
(within the 1024 cylinder)
The reason is so lilo can boot linux.
/ should be most of the 15 GB.
swap should be 48MB

[EMAIL PROTECTED] wrote:

> I'm a little confused as to what you're saying.
>
> So make the /boot = 8GB approx?
>
> What about the other 7GB?
>
> The computer is a P166MMX, 48MB RAM, 15GB HD.
>
> E J <[EMAIL PROTECTED]> wrote:
> : Try this as a first step and if you want to add, change the partitions when
> : your needs change use something like Partition Magic.
> : We always change the partition according to your needs, but what do you know
> : what you need?
>
> : /boot - 16 Mbyte within the 1024 cylinder.
> : / -stuff else in here.
> : swap - the same size as your RAM memory.


------------------------------

From: Raj Wurttemberg <[EMAIL PROTECTED]>
Subject: Re: How to create more /dev/loop devices?
Date: Sun, 06 Aug 2000 22:23:37 -0400

Manfred,

Ahhh..... You are a Saint!! <grin>  Ok, I read the man page... thanks
I've never used that command before. But to be honest its syntax
still has me a little befuddled (Not the best man page I've ever
seen).

I've tried this, "mknod -m=rw loop8 b 7 8" but the group is set wrong
and all of the attributes are set to RW when only the first two should
be. Is this command documented better somewhere on the net or can you
give me an example? Thanks for your help.

Regards,
-Raj


On Sun, 06 Aug 2000 11:50:09 GMT, Manfred Bartz <[EMAIL PROTECTED]>
wrote:

>Raj Wurttemberg <[EMAIL PROTECTED]> writes:
>
>> I'm trying to cut costs a little and use a Linux box as a cdrom tower
>> by reading the CD's and mounting the ISO images on the loop devices.
>> The problem I've run into is that there are only eight loop devices
>> and I need more.
>> 
>> How do I create more than 8 loop devices?
>
>man mknod
>
>
>For the new 2.4 kernel, I found this in ``/usr/src/linux/drivers/block/loop.c'':
>
> * Maximum number of loop devices now dynamic via max_loop module parameter.
> * Russell Kroll <[EMAIL PROTECTED]> 19990701
> * 
> * Maximum number of loop devices when compiled-in now selectable by passing
> * max_loop=<1-255> to the kernel on boot.
> * Erik I. Bolsø, <[EMAIL PROTECTED]>, Oct 31, 1999
>
>I am not sure how many loop devices the older kernels allow.
>
>HTH


------------------------------

From: Michael Mitchell <[EMAIL PROTECTED]>
Subject: Re: partitioning q
Date: Mon, 07 Aug 2000 02:22:46 GMT

Buying another disk will make your problem go away, dedicate a disk to Linux
only and you can still mount your /dos and read files

Peter Whincop wrote:

> i hope this is the appropriate ng.  system:  piii733/256m/30G-ide, boot
> and utility disk for w98 and linux, as well as a rh6.2 and w98
> installation disk.
>
> i had this partitioning table:
>
> hda1 (w98)  [w95 fat32 (0b)] 6G
>
> rh6.2's disk druid did this (the logical partition might not quite be
> right), with me not knowing where to grab an extra w98 data partition:
>
> hda2 /boot  [linux native]       10M
> hda5 /swap  [linux swap]        512M
> hda6 /home  [linux native]        6G
> hda7 /      [linux native]        6G
> hda8 /lfs   [linux native]       50M
> hda9 /blah  [w95 fat32 LBA (0c)] max
>
> at various stages i recast hda9 as (0b), and i eventually deleted it with
> linux fdisk, and shrunk the extended partition (hda3) with the nifty dos
> utility presizer.  back in linux i used fdisk to make:
>
> hda4 /blah  [w95 fat32 LBA (0c)] max (and now no hda9)
>
> it all looked good in linux.  dos presizer recognized everything.  the big
> problem was that, although w98 could see drive D: (hda4), my w98 data
> partition, it could not format it.  (hda1 was the active partition, no
> problems there.)
>
> was i doing something dreadfully wrong?  is it permissible to have two
> fat32 primary partitions and w98 recognize both?  was it some >8.4G rule i
> thought had been solved?  (i'm using the latest release of lilo, and
> kernel 2.2.14-5.0, w98 1st release, a genuinely license copy!  yikes.)
>
> this all worked before the addition of the fat32 lba partition for
> data--the second 0b didn't show up under w98.  i could do away with this
> data partition, i suppose, but i believe that in order to allow linux to
> access dos data while vmware under linux is running, a non-booted-w98
> partition must be used.
>
> i had a similar partition table, done by hand, not by redhat, but i don't
> seem to be able to reproduce it if i want to use rh6.2, nor can it give
> me an extended partition for linux, which i desire (and which rh6.2's
> disk druid likes to do).  there can of course be only one 05:
>
> hda1 0b
> hda2 83 (single partition including /boot)
> hda3 82
> hda4 05
> hda5 0c (full size of hda4)
>
> i know this is a jumble, and a little frivolous, since i can at least get
> some kind of dual boot operating.  but for vmware, i really want a
> separate w98 data partition.  perhaps i am wrong about this need?  and,
> can anyone possibly point out where i might have gone wrong in my whole
> partitioning exercise, especially why w98 could recognize, but not format,
> hda4 from my main scheme above.  (something along the way, possibly the
> failed formats, during which the system would get extremely sluggish, the
> hdd light would blink only once or twice, then nothing, caused c: to be
> corrupted, not too badly, but enough to require a re-install to snag those
> few elusive files.)
>
> i would _really_ appreciate any advice or tips here.  my solution, i
> think, will be to have two hdds (0b, 83:/boot, 05:[0c]) and
> (83:/home, 82:/swap, 83:/, 83:/lfs).  i'd rather not have to buy another
> disk, though.
>
> thanks,
>
> peter


------------------------------

From: "David .." <[EMAIL PROTECTED]>
Subject: Re: BIG mistake: Root Password forgotten
Date: Sun, 06 Aug 2000 21:19:47 -0500

Stephen Biggs wrote:
> 
> 
> This is so secure, no?  This means that if anybody has access to your
> physical box, they can become root with very little trouble?  How do you
> defeat this?
> 
> I would be willing to live with the fact that if I lost my root password I
> should be punished by having to reformat the disk, or at least re-
> install the OS... that's what you have to do in NT if you lose the
> Administrator's password (unless you can hack it).

Password protect lilo by adding these 2 lines just after the "default="
line in /etc/lilo.conf

restricted   # add only if using password line. 
password=<password>   # add this line, include password.

Then "chmod 600 /etc/lilo.conf" to keep users from being able to read
it.
Then "chattr +i /etc/lilo.conf" to make it unchangeable.

If you forget this password you are in trouble since you will not be
able to boot into "linux 1" mode without it.

-- 
Confucius say: He who play in root, eventually kill tree.
Registered with the Linux Counter.  http://counter.li.org
ID # 123538
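
The settings from the message above (a password= line, optionally restricted, mode 600, chattr +i), turned into a shell audit that can be pointed at a lilo.conf. This is an added example, not part of the original post. The function name, the FAIL/NOTE output format and the sample stanza with its placeholder password are assumptions made here.

```shell
#!/bin/sh
# Added example (not from the original post): audit a lilo.conf for the
# boot-prompt protections described above. Prints FAIL/NOTE lines and
# returns 0 only when no FAIL was found.

audit_lilo_conf() {
    conf=$1
    fails=0

    if [ ! -r "$conf" ]; then
        echo "FAIL: cannot read $conf"
        return 1
    fi

    # Drop comments and surrounding whitespace so '# password=...' does not count.
    body=$(sed -e 's/#.*$//' -e 's/^[[:space:]]*//' -e 's/[[:space:]]*$//' "$conf")

    if printf '%s\n' "$body" | grep -Eq '^password[[:space:]]*=[[:space:]]*[^[:space:]]'; then
        if ! printf '%s\n' "$body" | grep -Eq '^restricted$'; then
            echo "NOTE: password= without restricted: every boot stops for the password"
        fi
    else
        echo "FAIL: no password= line: 'linux single' at the LILO prompt needs no password"
        fails=$((fails + 1))
    fi

    # The password sits in the file in clear text, hence the chmod 600.
    # Characters 5-10 of the ls mode string are the group and other bits.
    perms=$(ls -ld "$conf" | cut -c5-10)
    if [ "$perms" != "------" ]; then
        echo "FAIL: group/other permissions are '$perms', expected none (chmod 600)"
        fails=$((fails + 1))
    fi

    # chattr +i is reported only as a note: lsattr is missing or unsupported
    # on some systems and filesystems.
    if attrs=$(lsattr -d "$conf" 2>/dev/null); then
        case ${attrs%% *} in
            *i*) ;;
            *) echo "NOTE: immutable flag not set (chattr +i)" ;;
        esac
    fi

    [ "$fails" -eq 0 ]
}

# Constructed sample input: the two lines from the post with a placeholder
# password, in a file deliberately left world-readable.
demo_dir=$(mktemp -d)
cat > "$demo_dir/lilo.conf" <<'EOF'
boot=/dev/hda
default=linux
restricted
password=EXAMPLE-ONLY
image=/boot/vmlinuz
    label=linux
    root=/dev/hda1
EOF
chmod 644 "$demo_dir/lilo.conf"
audit_lilo_conf "$demo_dir/lilo.conf" || echo "audit found problems"
rm -rf "$demo_dir"
```

Run it as root against /etc/lilo.conf. Changes to that file only reach the boot prompt after /sbin/lilo has been re-run.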

------------------------------

From: [EMAIL PROTECTED] ()
Subject: Re: BIG mistake: Root Password forgotten
Reply-To: [EMAIL PROTECTED]
Date: Mon, 07 Aug 2000 02:36:05 GMT

On Sun, 06 Aug 2000 23:50:28 GMT, Stephen Biggs 
<[EMAIL PROTECTED]> wrote:
>
>This is so secure, no?  This means that if anybody has access to your 
>physical box, they can become root with very little trouble?  How do you 
>defeat this?

Don't give them physical access.

Or encrypt your box with the requirement that a key be entered at run
time.  Forget that key and you're fucked.

------------------------------

Subject: Re: How to create more /dev/loop devices?
From: Manfred Bartz <[EMAIL PROTECTED]>
Date: Mon, 07 Aug 2000 02:45:55 GMT

Raj Wurttemberg <[EMAIL PROTECTED]> writes:

> Ahhh..... You are a Saint!! <grin>  Ok, I read the man page... thanks
> I've never used that command before. But to be honest its syntax
> still has me a little befuddled (Not the best man page I've ever
> seen).
> 
> I've tried this, "mknod -m=rw loop8 b 7 8" but the group is set wrong
> and all of the attributes are set to RW when only the first two should
> be. Is this command documented better somewhere on the net or can you
> give me an example? Thanks for your help.

to create /dev/loop8

    mknod -m 660 /dev/loop8 b 7 8
    chgrp disk /dev/loop8

chmod and chown also work as for any other file, e.g.
    chmod g+w,o=  /dev/loop8
will add write permissions to the group and remove all
permissions for ``other''.

To create loop devices 8 to 15 in one go:

    for i in `seq 8 15`; do 
      mknod -m 660 /dev/loop${i} b 7 ${i}
      chgrp disk /dev/loop${i}
    done

Cheers
-- 
Manfred Bartz

------------------------------


** FOR YOUR REFERENCE **

The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:

    Internet: [EMAIL PROTECTED]

You can send mail to the entire list (and comp.os.linux.setup) via:

    Internet: [EMAIL PROTECTED]

Linux may be obtained via one of these FTP sites:
    ftp.funet.fi                                pub/Linux
    tsx-11.mit.edu                              pub/linux
    sunsite.unc.edu                             pub/Linux

End of Linux-Setup Digest
******************************
