<br><br><div class="gmail_quote">On Fri, Jan 2, 2009 at 2:49 PM, Michael Mol <span dir="ltr"><<a href="mailto:mikemol@gmail.com">mikemol@gmail.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
<div class="Ih2E3d">On Fri, Jan 2, 2009 at 2:44 PM, Joshua Burns <<a href="mailto:jdburnz@gmail.com">jdburnz@gmail.com</a>> wrote:<br>
> unfortunately not, it's a pretty straight boot...<br>
<br>
</div>Then my next approach would be to boot of a live CD, change the root<br>
password on the live CD, and copy the encrypted password from the<br>
liveCD's /etc/shadow to the machine's /etc/shadow and /etc/shadow- .<br>
I've done this a few times, though it might not work if the two<br>
distros use a different salt for the password hash. (Though, honestly,<br>
I've never encountered that barrier.)<br>
<font color="#888888"></font></blockquote><div><br>This describes a pretty nifty way to break<br>in to a PC. The ability to use a live CD or DVD<br>to rearrange passwords, and otherwise modify<br>the Linux OS (windoz too? ) seems like a ready<br>
made master key.<br><br>I've had occasion to use a live CD to provide <br>root access to my own PC, and wondered then<br>why I couldn't just do this to any machine <br>running Linux. <br><br>Other than to, say, change the boot sequence,<br>
and eliminate booting from anything other <br>than the hard drive, to prevent someone from <br>booting a live CD, what are some ways to prevent <br>this? <br><br>Of course someone could still just steal the<br>hard drive and get in.<br>
<br> -- Bob<br><br></div></div><br>