On Wednesday 12 September 2007 23:53:04 Thomas Leavitt wrote: > Very cool - I'm in as root! Now this is a *real* Linux box! > > ... although, from another perspective, I find it incredibly uncool that > I've been walking around with a machine with a widely known default root > password, not knowing that I'd enabled remote access to it when I > installed the "ssh" package. I was under the impression that you had to > go through some bizarre and risky gyration to obtain root access to the > machine... not simply ssh to localhost!!!!! Eek?!? > > Now, another geeky question. "user" is a lame login name. I'm going to > assume that it is incredibly unwise to rename "user" to something > reasonable, like "thomas" :) ... is it possible to create a new user and > login using that account instead? I see (via redpill mode) that > "adduser" is one of the packages installed. > > I also noticed that "/etc/shells" has a long list of shells. It seems > just slightly strange to me that, on a device this resource constrained, > they'd "waste" even that many "bytes" by not truncating this file... > makes me wonder what other potential "optimizations" haven't been done. > > I also wonder how the synaptic install package managed to add a line > referencing itself to /etc/sudoers... if the app installer permits > modifications of this sort to be made to /etc/sudoers, doesn't that > suggest someone could simply write an app that added the line below, or > write a malicious app that gave itself root privileges? > > What's the default password for "user"? Will changing it affect > anything, since obviously the system auto-starts? > > Thomas I don't know if user has a password. I've given mine one (so I can ssh to the box as user) and not root. As for changing the user. I've not gotten into it yet as it would involve changes to the init scripts to login automagically as a user other than user. (hard to type that sentence is). I do remember that someone had once gotten it to run as themselves (His first name was Jim... but the rest I forget.) If I remember I'll pass it along. James > > James Sparenberg wrote: > > On Wednesday 12 September 2007 12:39:52 Thomas Leavitt wrote: > >> What's the cleanest way to get this? > >> > >> Thomas > >> _______________________________________________ > >> maemo-users mailing list > >> maemo-users at maemo.org > >> https://lists.maemo.org/mailman/listinfo/maemo-users > > > > For me and my way of thinking. Install Xterm... Install openssh (as > > apposed to dropbear) from garage. open Xterm and do ssh root at localhost > > use rootme as the password. Add this line to /etc/sudoers > > > > user ALL=(ALL) NOPASSWD: ALL > > > > Now give bother the user named user and root real passwords. Once you do > > this user, user can sudo su to root whenever you need it to. I also > > recommend removing the ability of root to ssh directly after you have > > confirmed that you can sudo. > > > > James > > _______________________________________________ > maemo-users mailing list > maemo-users at maemo.org > https://lists.maemo.org/mailman/listinfo/maemo-users -- READ CAREFULLY. By [accepting this material|accepting this payment|accepting this business-card|viewing this t-shirt|reading this sticker] you agree, on behalf of your employer, to release me from all obligations and waivers arising from any and all NON-NEGOTIATED agreements, licenses, terms-of-service, shrinkwrap, clickwrap, browsewrap, confidentiality, non-disclosure, non-compete and acceptable use policies (?BOGUS AGREEMENTS?) that I have entered into with your employer, its partners, licensors, agents and assigns, in perpetuity, without prejudice to my ongoing rights and privileges. You further represent that you have the authority to release me from any BOGUS AGREEMENTS on behalf of your employer.
