From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from lists.gentoo.org ([140.105.134.102] helo=robin.gentoo.org) by nuthatch.gentoo.org with esmtp (Exim 4.43) id 1E8aMB-0007wT-Nx for garchives@archives.gentoo.org; Fri, 26 Aug 2005 09:18:40 +0000 Received: from robin.gentoo.org (localhost [127.0.0.1]) by robin.gentoo.org (8.13.4/8.13.4) with SMTP id j7Q9G1pT006927; Fri, 26 Aug 2005 09:16:01 GMT Received: from mail.t-systems.cz (mail.t-systems.cz [212.67.76.249]) by robin.gentoo.org (8.13.4/8.13.4) with ESMTP id j7Q9BGv5025960 for ; Fri, 26 Aug 2005 09:11:16 GMT Received: from mefisto.t-systems.cz (faust.t-systems.cz [10.246.110.12]) by mail.t-systems.cz (Postfix) with ESMTP id 4CF46899BE for ; Fri, 26 Aug 2005 11:12:34 +0200 (CEST) Received: from andre.t-systems.cz ([10.246.112.240]) by mefisto.t-systems.cz with Microsoft SMTPSVC(6.0.3790.211); Fri, 26 Aug 2005 11:12:34 +0200 Received: andre.t-systems.cz 10.246.112.240 from 10.246.111.19 10.246.111.19 via HTTP with MS-WebStorage 6.5.6944 Received: from frankies by andre.t-systems.cz; 26 Aug 2005 11:12:51 +0200 Subject: Re: [gentoo-user] Forgotten root password on remote system From: Frank Schafer To: gentoo-user@lists.gentoo.org In-Reply-To: References: <49bf44f10508250847393673ee@mail.gmail.com> <20050825162144.GA11609@princeton.edu> <200508260750.49590.ext-dirk.heinrichs@nokia.com> <1125039047.5829.4.camel@localhost.localdomain> Content-Type: text/plain Content-Transfer-Encoding: 7bit Date: Fri, 26 Aug 2005 11:12:50 +0200 Message-Id: <1125047570.5829.10.camel@localhost.localdomain> Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-user@gentoo.org Reply-to: gentoo-user@lists.gentoo.org Mime-Version: 1.0 X-Mailer: Evolution 2.2.1.1 X-OriginalArrivalTime: 26 Aug 2005 09:12:34.0101 (UTC) FILETIME=[4B6B9650:01C5AA1E] X-T-Systems_Czech-MailScanner: Found to be clean X-T-Systems_Czech-MailScanner-SpamCheck: not spam (whitelisted), SpamAssassin (score=-5.84, required 5, autolearn=not spam, ALL_TRUSTED -3.30, AWL 0.06, BAYES_00 -2.60) X-MailScanner-From: frank.schafer@t-systems.cz X-Archives-Salt: 10e4793b-b12f-4aa2-8506-515b786d1093 X-Archives-Hash: fe467954408f28b497efbbfd0bdad530 IYpi3tbduwbfwm Such a password can't be cracked by brute force. ... and it's easy to remember. If Your password is 3 times better, don't use words brute force won't matter. I use to use SUCH passwords. ;) On Fri, 2005-08-26 at 08:46 +0000, Fernando Meira wrote: > On 8/26/05, Frank Schafer wrote: > On Fri, 2005-08-26 at 07:50 +0200, Dirk Heinrichs wrote: > > Am Donnerstag, 25. August 2005 18:21 schrieb ext Willie > Wong: > > > > > Your best bet is to get someone your trust to boot into > single for you > > > and reset the password there. > > > > Single wouldn't work, You still get a login: prompt. The > only ways to get at > > it are LiveCD or booting with "init=/bin/bash". > > > > Bye... > > > > Dirk > > Right. Due to the fact that he got a new password, I think > they did it > exactly that way (LifeCD or boot disc). > > There is no official hack to get the password out of the > machine. It is > nowhere stored in uncrypted form and the crypting algorithm > itself is > not reversable. > > Not the best way to do it, but getting the crypted form of the root > pass and using it for a brute-force attack wouldn't get a good result? > By good result I mean a positive match within a short period of time! > Of course I assume for that, that he had an idea of what was the > password like.. number of characters, use of symbols, and so, so that > he could apply the attack as nearer of the real pass as possible.. > would this be a possible way to do it? > > > > -- gentoo-user@gentoo.org mailing list