Interrupting Boot to change root password

A question with respect to security - How to secure this as this would allow anyone to change root password using this method. I think the only ones who have the ssh key pair can do this or is there additional security method?
  • post-author-pic
    Terrence C
    11-15-2018

    In this case, SSH is not involved. You would have to have console access (either access to the virtual console for the guest OS or physical access to the server on a monitor with connected keyboard to interrupt the boot process and inject the line to boot to single user/maintenance mode).

  • post-author-pic
    Femi A
    11-16-2018

    I guess the best thing is to lock up your computer in a safe somewhere in the middle of the atlantic ocean. If anyone has access to it, they can reset the root password. So I guess the architecturing will ensure it's not easy to get to the server virtually or physically I guess.

  • post-author-pic
    Brandon B
    11-16-2018

    @Femi While I get the tongue in cheek aspect of your comment, you actually are not wrong. This is the entire point of air-gapped environments; physical locations that are secured separately from the main server room and are not directly connected to an exterior network.

  • post-author-pic
    Michael C
    11-17-2018

    Like Brandon said your servers should be physically secure because if
    they have access to your physical infrastructure is pretty much game over.  Whats to stop them from just taking your hard drives?



    If you want one extra layer of security, you can set a
    password on your GRUB as well so before they can make changes to it they have
    to know that password.  But again, they
    will have physical access to your infrastructure (or admin access on your
    Virtualization platform) and either of those basically is game over from a
    security perspective.

Looking For Team Training?

Learn More