You are not logged in.
Pages: 1
I have Arch Linux successfully booting up without live cd. However, I lost the password (because I was playing around the other day) and I thought to myself.
What if I put live iso back in.
Mount the correct parition to /mnt
arch-chroot into /mnt
then run the passwd command.
Sure enough i changed the password. Booted back into Arch Linux and I was able to log into the root user.
I am currently studying groups and users and this just makes me wonder. Can I always just run the live iso and arch-chroot to run the passwd command? That just seemed crazy because I didnt think it would let me do that.
Last edited by AcousticBruce (2015-05-22 19:13:49)
Offline
You don't even need the live-cd/usb. Just use the kernel parameter "break=postmount" or an equivalent.
Users and groups provide absolutely no security against someone who has physical access to the machine (and the ability to power it on/off and/or remove harddrives). If you want that level of security, look into disk encryption.
Users/group access permissions were designed under the context of many users logging in to a (frequently remote) server. And for these purposes they work well. But this is really all they are for.
"UNIX is simple and coherent..." - Dennis Ritchie, "GNU's Not UNIX" - Richard Stallman
Offline
If an attacker has physical access to your machine and it is not fully encrypted*, it is game over.
*Obviously, there is a category of attackers for whom this may not be an insurmountable hurdle either...
Offline
Can I always just run the live iso and arch-chroot to run the passwd command?
Yep.
You could also pull the hard drive, plug it into a suitable USB adapter and mount it on any other PC or laptop that has drivers for your file system.
Physical access == game over. This is why data centers have physical security, racks lock, racks are separated by cages etc.
Are you familiar with our Forum Rules, and How To Ask Questions The Smart Way?
BlueHackers // fscanary // resticctl
Offline
Wiki also points this out: https://wiki.archlinux.org/index.php/Re … t_password
Offline
There's a saying: physical access is root access.
Offline
It'd be the same for a Windows machine. Hefty, AD scheme, but take down the server and boot it from live-cd, all files are available.
I may have to CONSOLE you about your usage of ridiculously easy graphical interfaces...
Look ma, no mouse.
Offline
Pages: 1