It’s hard to believe, but even in the short time since my friend picked up a new computer, there’s already been a password problem. Apparently it was a new password, misspelled slightly for added “security,” and then promptly forgotten. After several failed login attempts as the primary user, I got a text message pleading for help.
In Ubuntu, if you can believe this, it’s quite easy to change or “reset” the password for an account, so long as you have physical access to the machine. In total this should take you about 10 seconds to finish, give or take for the actual speed of the machine.
First restart, and then watch closely as the computer starts up again. After the BIOS screen disappears (the screen that usually shows the manufacturer’s logo, or information about the hardware), hold down the Shift key (if you’re using a version earlier than Karmic, you will probably have to press Esc repeatedly).
If all goes well, you should be at a Grub boot menu. From the list you see, pick any option that ends with the “recovery mode” option, and press return.
In Karmic and perhaps in some earlier versions, you may get a gray, blue and red menu that describes several different options; the final option — “Drop to the root shell prompt” — is good enough. Some of the earlier versions of Ubuntu went straight to the prompt.
Then you should see the command-line cursor, with root as your user name. Next type
passwd enter_username_here
and press return. You’ll need to enter the new password twice for confirmation, and then you can restart the machine.
reboot
You can logout of the root account if you like, and go back to the gray-blue-red menu, but it’s just as easy and useful to reboot from that point.
And the new password should work fine. From within Gnome there are ways for a person to adjust their password by themselves, so I gave my friend “password” as the reset one, and at some point it can be changed to something else. Crisis averted. π
Motho ke motho ka botho 
Moral of the story: Always secure physical access to the machine.
Yup. That’s the bottom line. … π
Now I feel safe knowing that my password is can be easily bypassed…
Bypassed yes, provided someone can physically access your machine. But as it was put to me a long time ago, if physical security is compromised, “all bets are off.” π¦
No. You just have been educated. That’s why it’s encouraged to use BIOS boot-up passwords, boot loader password, disk encryption, and so forth.
I know, I know, it’s not very hard to circumvent that but what can you do if one has physical access…
I for one know of at least one netbook with an SMD SSD and all the rest also very high integrated. Makes me chuckle imagining the bad guys trying to access my rather unimportant stuff on that device…
Yeah, famous last words… π
I’m am so going to encrypt my /home/ when I upgrade Jaunty…that will at least make my stuff unreadable even if they reset the password right?
I’m not 100 percent sure. Seems to me if someone has access to your computer, and they can access recovery mode, then they can change your password and access your account. Encryption might not stop them if they can sign on as you.
Access to the user account and access to the encrypted home are two different things. Changing the user password does not change the password to access the encrypted home. The two accesses are not directly related.
Yes, I have tried this.
Even if I can’t answer your questions directly, as I don’t use Ubuntu, here are some things you might want to know about. They are old hats already and might *partially* not be relevant anymore, though:
http://en.wikipedia.org/wiki/Cold_boot_attack
http://www.schneier.com/blog/archives/2008/02/cold_boot_attac.html
http://www.hermann-uwe.de/blog/physical-memory-attacks-via-firewire-dma-part-1-overview-and-mitigation
http://www.forensicswiki.org/wiki/Slack
And let’s not forget swap partitions/files and temporary files somewhere on drives. And/or wear levelling on flash drives… π
There are always many levels of security/saftey. It all depends on your needs/paranoia… π
Look up ‘digital forensics’ if you are interested. Oh, and ‘file carving’. And ‘key logger’. And ‘sniffing’. And … π
I trust the people who have physical access to my machine anyway… basically my wife and cat.
The biggest threats are online ones, not in-person ones. People used to make fun of those who write passwords on Post-it notes right on the computer, but it’s probably safer to do that with a complex password than not write down a password at all and have it be a simple one someone can remotely log in with.
Pingback: Reset a password in Ubuntu | Ubuntu-News - Your one stop for news about Ubuntu
Makes sense. I’ve always told customers their machines are not safe if they’re not physically secure – with any OS, if the data’s not encrypted, you can just pop the drive into another machine and sudo your way to any data. Heck, MacOSX just ignores permissions on external drives by default.
If you have physical access yet can still gain access to a machine that is security at it’s worst. Add that to another reason I would never use Ubuntu. In an effort to make life easier for the casual user they have sacrificed security. IMO Ubu is the MS of the Linux world and we are all worse off for it.
Steve, could you explain in more detail why ubuntu is so insecure? If you’re going to tell us about the usual sudo complaints, then don’t bother. In fact, for a desktop or laptop computer using sudo is not bad at all. OTOH, if you consider using sudo in a server that’s another story, easily changeable by any sysadmin. For the rest, I believe Ubuntu services are as secure as any other distros’.
Pingback: Destillat #12 | duetsch.info - Open Source, Wet-, Web-, Software
Pingback: Links 13/3/2010: AMD Comes to Sub-notebooks, Tiny and Big (Game) for GNU/Linux | Boycott Novell