Ooh, that bad crypto that I had previously encountered when enforcing a grub password has come back to haunt me. However, instead of single-user mode, I tried booting up with my rescue disk. But for some reason Linux wouldn't boot up into rescue mode. After reading through the RH9 Customization Guide, I realized that the installation CD-ROM would do just fine. I was able to boot into rescue mode that way, and edit the files that I've modified back to their original state. I'm now able to access root via su now. Now that I can do that, I'll read up on setting up sudo to that it'll work appropriately and then modify the root security access. Thank for your support.
Josh -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Thomas E. Dukes Sent: Wednesday, June 25, 2003 5:55 PM To: [EMAIL PROTECTED] Subject: RE: HELP! - I've screwed up on security and now can't access root Have tried to boot into single user mode? Palmetto Shopper http://www.palmettoshopper.com Serving all of South Carolina and beyond! -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Joshua Peter Sent: Wednesday, June 25, 2003 9:28 PM To: [EMAIL PROTECTED] Subject: HELP! - I've screwed up on security and now can't access root I consider myself an intermediate user on Linux. I can do things very well, others not well at all. At my workplace, I've converted a former PIII NT machine into a smoking RH9.0 NetWorker client. One of the requests that my lead IT asked me to do is to set up this Linux box to be SSH enabled to transfer and store critical files. Although it was my first time doing so, I was able to impliment SSH, and then started looking for addtional security. So I downloaded the RH Linux Security Guide from RH's site. I was walking through the guide, and started working on root access. I wasn't reading ahead. Instead, I was just doing the commands that the guide instructed. First I changed the root shell in my /etc/passwd file from /bin/bash to /sbin/nologin. Second I disabled root access via any console device (tty) by creating an empty /etc/securetty file. Third I disabled root SSH logins by editing the /etc/ssh/sshd_config to set the PermitRootLogin to no. I didn't get as far as using PAM to limit root access services because at this point I then rebooted to test a previous security implementation to the grub.conf file to enforce pwords when login in to command line. I found out that something went wrong. I believe it was a bad crypto copy from the /sbin/grub-md5-crypt output, but that's not my problem. My problem is this. Because of my root access step one, I'm no longer to switch into root mode with su. I then tried to implement my commands with sudo. However, I cannot get it to accept my root password. FYI, because it was my first time running sudo, I didn't do any config on it. I know that my root password still works because when I execute any system setting programs, I can successfully start it with my root pword. I really want to edit my root shell back to /sbin/nologin. What is the correct implimentation of sudo? I've been entering the following below: $ sudo vi /etc/passwd I wish I were in front of my work workstation, but I'm currently at home and can't recall the output from that statement. All I know is that I can't get into it. Please can someone help me out here? -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/redhat-list
