On Sat, 2005-03-26 at 08:17, Kenneth Burgener wrote: > I had heard that one security measure you can do for your Linux machine > is rename the root username. The system booted fine, but I found that > several services (including xinetd, and iptables) require the root user > to be named root. Is there a way around this, or is it not a good idea > to rename the root user.
I personally don't see much point in it. Disable root ssh login if you're paranoid. SELinux would probably be a better route to limit what root can actually do. It's not a trivial task. > I have a second question. When I realized that there were problems I > went back and renamed the root user back to root in the /etc/passwd and > /etc/group, but I forgot to fix it in /etc/shadow. So my next question > is how do you recover from that? I assumed that it would just list my > password as blank, but this didn't work. Any suggestion on fixing this? > How can you reset the root password? I had heard in earlier threads > about booting to "single" user mode. I tried that but it prompts me for > the "root password for maintenance". Add the boot option "init=/bin/sh" in grub. That will skirt the whole boot up process and dump you to a root shell. You may need to remount the / filesystem with "mount -o remount,rw /". Edit /etc/shadow and save. Since you didn't start /sbin/init, you can't shutdown. Instead, remount / ro again to flush any changes and hit the power button. Corey
signature.asc
Description: This is a digitally signed message part
.===================================. | This has been a P.L.U.G. mailing. | | Don't Fear the Penguin. | | IRC: #utah at irc.freenode.net | `==================================='
