Go back to fronty page View most popular entries View latest additions Submit tutorials to UnixTutorials.info
UnixTutorials logo

Search results for Restoring a lost root password

Debian

Running network services as a non-root user

Post date: April 20, 2006, 10:04 Category: Security Views: 3221 Comments
Tutorial quote: There are many times when it is convenient to allow non-root users to run services, or daemons, which bind to "privileged ports". There are several approaches to this problem each with its own set of pros and cons. Read on for a brief look at the most common approaches.
FreeBSD

Reset MySQL password in FreeBSD

Post date: June 2, 2008, 12:06 Category: Software Views: 6265 Comments
Tutorial quote: Step by step howto for resetting MySQL password in FreeBSD 7 and MySQL 5.051a port.
Gentoo

Enterprise Volume Management System Mini How-To

Post date: April 13, 2005, 20:04 Category: System Views: 3690 Comments
Tutorial quote: Here is a rough write-up on how I installed Gentoo 1.4_rc1 on EVMS, with the exception of the root partition. If you choose so, see the EVMS Howto for instructions on how to mount your root file system on an EVMS volume. I felt the hassle of dealing with a EVMS (or LVM, for that matter) root outweighs its advantages.

This is a very basic setup I used for my laptop. I only needed it so I don't have to worry about getting the partition sizes right from the beginning and to be able to adjust them with ease in the future. I've been using LVM with success but I couldn't find a way to resize the volume group itself. This, the fact that afaik there is no support for LVM in kernel 2.5.x and a new laptop needing a fresh installation made me try EVMS.
Gentoo

Using extended attributes to better protect files

Post date: August 18, 2005, 18:08 Category: System Views: 11629 Comments
Tutorial quote: How many times have you accidentally overwritten a configuration file during an etc-update that you had customized? I had been aware of extended attributes for a long while now, but I had never taken the time to actually use them. The extended attribute that I am mostly interested with is the immutable attribute. This attribute, which can only be set by root, prevents a file from be changed or deleted, even by root.
Linux

Howto install the base Linux system onto a USB thumbdrive with the root partition encrypted

Post date: April 20, 2006, 12:04 Category: System Views: 2810 Comments
Tutorial quote: This howto will explain how to install a very basesystem onto a USB thumbdrive with the root partition encrypted. It includes support for cryptsetup-luks, and udev.
Linux

Creating a safe directory with PAM and Encfs

Post date: June 7, 2006, 20:06 Category: Security Views: 3180 Comments
Tutorial quote: Now, in my network (and others) the credentials provided at login could (and should) be used by those programs. How can you retrieve these credentials, providing enough security?
With a the PAM modules pam_script it's possible to store the password in a file, which will be used by fusemb and mount.cifs to read the password from.

To achieve security, one could make the user logging in owner and deny read/write for anybody else. Remove this file when the user ends his/her session.
This is enough, for runtime. But I was wondering, but what if the system crashes, and the file with the credentials remains on the harddrive? Anybody who is able to mount this harddrive with for example a lifecd, can read this file!

That's why I was looking for a way to encrypt this file.

With encfs this is very possible! At run time it gives an interface to encrypted files and directories, which does only exist at runtime! When the system is not running, there are only encrypted files, useless when you do not know the key to it. And this key is exactly the (encrypted) password! That's why I've chosen for a combination of PAM and Encfs.
Debian

Debian RAID 1/5 system installer

Post date: May 28, 2005, 22:05 Category: Installing Views: 3126 Comments
Tutorial quote: Instructions for installing a very clean Debian GNU/Linux system that boots from RAID 1, and has RAID 1 or RAID 5 root and data filesystems.

The examples assume two identical harddrives, sda and sdb, on which after a small boot partition, 1 GB is used for swap, 25 GB is used for the root filesystem and everything else is for a big "data" partition that will hold non-system stuff.
Unix+clones

Using Public Key Authentication with SSH

Post date: June 26, 2008, 10:06 Category: Network Views: 4733 Comments
Tutorial quote: The current leading SSH server, OpenSSH, offers two main methods of authentication: interactive password and public key authentication. While interactive password authentication is the default, there are several reasons for using public key authentication. After reading some background information about public key cryptography, you should have a firm understanding of what public key cryptography is and how it works. You're welcome to skip straight to generating keys for use with SSH. Setting up public key authentication will require a few minutes, but the results are worthwhile.
OpenSUSE

Perfect Paper Passwords - One Time Password System (OpenSuse)

Post date: April 20, 2009, 09:04 Category: Security Views: 3609 Comments
Tutorial quote: Almost without exception, today's Internet users prove their identity online using a fixed account name and password. In the past, this simple system provided sufficient security. But with the growing popularity of online banking and eCommerce, the value of stealing online identities has skyrocketed. And the increasing presence and "spyware" and "malware" on innocent users' computers means that users can be "watched" while logging onto their banking and other eCommerce sites. Once their logon credentials have been "captured" and stolen, Internet criminals can easily assume their identity.
Linux

How To Secure An SSL VPN With One-Time Passcodes And Mutual Authentication

Post date: June 30, 2007, 23:06 Category: Security Views: 3431 Comments
Tutorial quote: SSL-based VPNs were designed to eliminate the need for complex configurations on the user's PC. Unfortunately, that was before the dangers of public WiFi networks and tougher regulatory requirements came into being. Thanks to WiFi, many attacks that were difficult are now quite simple. In particular, a man-in-the-middle attack can intercept SSL-encrypted traffic, rendering SSL-based VPNs useless - even if it is protected by a typical one-time password system. The man-in-the-middle can easily feed the one-time password into the SSL-based VPN within the alloted time.
Web-based applications and online marketing solutions - LumoLink