Subject: Re: STUPID!!! (Yes, that's me!)
To: Colin Raven <duiker@haggis.nl>
From: Brian <bmcewen@comcast.net>
List: port-cobalt
Date: 11/01/2004 18:51:15
On Monday, November 1, 2004, at 05:57 PM, Colin Raven wrote:

> Andy Ruhl wrote:
>
>> I think probably a lot of us have hosed up the root account before. 
>> It happens. Part of being a unix admin. Recovering from it is what 
>> seperates you from the rest. Unfortunately on the Qube this often 
>> means hacking the disk from another machine if you can't get it to 
>> boot into single user via a serial console.
>>
>>
>>
> <sob>
> /me looks at a long night ahead.
> Isn't this great though?? I mean...all the practice....excellent for 
> documentation writing purposes.
> /me hits self on the head with a large book
>
>

The toor account can be handy.  It was not enabled by default on my 
1.6.1 netboot'd setup; you activate it by just giving it a passwd.

It's a root account (as you have gathered from other posts) that 
doesn't use the standard shell so that  if something happens to the 
filesystem and shell referenced in your root accounts startup (like, it 
doesn't exist as typed for any reason :) you'll have something you can 
still get into.

I just checked on my system and the provision that keeps people from 
being able to ssh into root also applies to toor.  So it's about as 
secure to have it enabled, as it is to have it disabled, as far as I 
can see.

HTH.

I know about the toor account as I did something similar in the first 3 
days I had my Qube up :), which is a time frame still measured in 
months...

Brian

-- 
... we parted each feeling
superior to the other and is not that
feeling after all one of the great
desiderata of social intercourse
-archy
_The Life and Times of Archy and Mehitabel_