Bill Moran wrote:
Christian Tischler <[EMAIL PROTECTED]> wrote:
Jerry McAllister wrote:
Eugene M. Minkovskii wrote:
On Mon, May 30, 2005 at 03:53:29PM +0200, Christian Tischler wrote:
" Eugene M. Minkovskii wrote:
"
" >On Sun, May 29, 2005 at 10:55:41PM +0200, Christian Tischler wrote:
" >" Hi,
" >" I am running a FreeBSD 5.1 system and some time ago it startet to
" >" "forget" some user passwords.
" >" As the system is now running for over 2 years I cannot imagine any
" >" reason why this shound be.
" >" Any ideas.
" >
" >root# su user
" >user$ passwd
" >newpasswd
" >newpasswd
" >user$ exit
" >
" >
" >
" >" Thanks in advance
" >"
" >" Christian
" >" _______________________________________________
" >" freebsd-questions@freebsd.org mailing list
" >" http://lists.freebsd.org/mailman/listinfo/freebsd-questions
" >" To unsubscribe, send any mail to
" >"[EMAIL PROTECTED]"
" >
" >
" >
" And how do I do it from remote via ssh?
"
you$ sudo su user
or, if you in group wheel, perhaps possible following
you$ su user
if you are not sudoer and you have not other way to take a root
privilegies, you can't be other user. And this is right. In other
case anybody can be anybody.
" thx
"
" Christian
"
" PS: that was not quite an answer to my question I think, was it?
Sorry for the confusion. But the problem is that the server forgets the
password of the user (in wheel) I want to log in with from remote.
The question was not how to become root or any other user to change the
password. The question was why the box forgets the passwords in the
first place, and how to stop this.
You may have to give more information.
I have never seen a system "forget" a password unless someone or something
intervened and specifically changed them. Or, is it possible that you
put an expiration on the passwords? By default, I believe FreeBSD
sets that at infinite, but you or someone might have changed that while
tinkering around.
////jerry
thx for the answer.
I gave you all the info there is.
The system is now running since the release of 5.1 (2 years?) and this
"password forgetting thing" startet about one month or so ago. I am
quite sure that I did not tinker around with the config.
But I will take a look at the expiration time just to check.
If you're _sure_ that nobody authorized has changed the password, then
there are two very scare things possible:
1) Someone has cracked your system and is trying to keep you out by
changing your password.
2) Your disk is failing and has corrupted your password file.
Considering how old 5.1 is, and how many security issues have been
discovered since 5.1, I would place a high probability on #1.
No guarantees, though. But I would definately consider and investigate
those two possibilities if I were you.
1) that is what I thought first, too. But the root password and the
password for another account never changed.
2) this consideration also came to me. that is the reason why the system
is going to be "upgraded" to raid 5 and a new 5.x.
But as my time is very limited I first tried to fix that problem to keep
the machine up and running until I have more time.
The fact that 5.1 is old does not matter so much in terms of security,
as only ssh and some high ports for a crypted vpn are open to the net,
and the box is behind a firewall/nat/router thing.
thx for your reply
christian
_______________________________________________
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
