[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [cobalt-users] admin & root pwds don't match
- Subject: Re: [cobalt-users] admin & root pwds don't match
- From: "johnny t" <eastlan@xxxxxxxxxxx>
- Date: Thu Feb 22 13:16:03 2001
- List-id: Mailing list for users to share thoughts on Cobalt products. <cobalt-users.list.cobalt.com>
You could go in and create a .pkg file to install another version of bash
that has root privlidges but world executable....which will get you in to
the root and allow you to change the password.
Granted, this is in theory only and I don't want to try it on the cobalt. I
would hope that there are some protection features through the cobalt that
doesn't allow this....but this may be an entry point for hackers.....sniff
the admin password for the web interface and install a cracking .pkg. With
that in mind, is there any way to make the web admin control panel SSL?
Since the box can generate it's own certificate, and the admin will be the
only person using it...it wouldn't have to be verified through verisign,
etc. Anyway, to make a point...this may work for you if you are keen on
creating your own .pkg files. Again, I also feel that this is a major
security hole that has already been exploited....but then again I do all my
web admin through SSH2.
JT
I have just done that and it did not work, SSH stills refuses root password
in su
If anybody knows how to fix this, please email me.
Thanks
Gilles
From: Peter Low <peterlow@xxxxxxxxxxxxxxxxxx>
Reply-To: cobalt-users@xxxxxxxxxxxxxxx
To: cobalt-users@xxxxxxxxxxxxxxx
Subject: Re: [cobalt-users] admin & root pwds don't match
Date: Thu, 22 Feb 2001 12:15:17 -0500
If you change the admin password through the GUI, the root password should
change as well. Try changing the password for admin so that it is 8 or
fewer characters. The GUI will accept passwords with >8 characters (I
think it may truncate to 8).
After you change the password to 8 or fewer characters, try to telnet/SSH
in as root. If you cannot, I'd guess that the mechanism that keeps the
admin and root passwords synched is broken. Unfortunately, I don't know
how this works or how to fix it.
Peter
_______________________________________________
cobalt-users mailing list
cobalt-users@xxxxxxxxxxxxxxx
To Subscribe or Unsubscribe, please go to:
http://list.cobalt.com/mailman/listinfo/cobalt-users
_________________________________________________________________________
Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com.
_______________________________________________
cobalt-users mailing list
cobalt-users@xxxxxxxxxxxxxxx
To Subscribe or Unsubscribe, please go to:
http://list.cobalt.com/mailman/listinfo/cobalt-users
_________________________________________________________________
Get your FREE download of MSN Explorer at http://explorer.msn.com