Mar*_*red 6 freebsd security password root
我可以使用我输入的任何随机密码为任何用户(例如:root或operator存在于 中的任何用户)登录我的机器(FreeBSD 9.1-RELEASE)/etc/passwd...
我试图为rootwith重置密码passwd,但如果我尝试登录,我可以使用我输入的任何随机密码登录......奇怪。
这仅在我直接从tty. 尝试通过 SSH 登录时,一切正常 - 我需要提供正确的密码才能登录。如何解决这个问题?
编辑:内容/etc/ttys:
# name getty type status comments
#
# If console is marked "insecure", then init will ask for the root password
# when going to single-user mode.
console none unknown off secure
#
console none unknown off secure
#
ttyv0 "/usr/libexec/getty Pc" xterm on secure
# Virtual terminals
ttyv1 "/usr/libexec/getty Pc" xterm on secure
ttyv2 "/usr/libexec/getty Pc" xterm on secure
ttyv3 "/usr/libexec/getty Pc" xterm on secure
ttyv4 "/usr/libexec/getty Pc" xterm on secure
ttyv5 "/usr/libexec/getty Pc" xterm on secure
ttyv6 "/usr/libexec/getty Pc" xterm on secure
ttyv7 "/usr/libexec/getty Pc" xterm on secure
ttyv8 "/usr/local/bin/xdm -nodaemon" xterm off secure
# Serial terminals
# The 'dialup' keyword identifies dialin lines to login, fingerd etc.
ttyu0 "/usr/libexec/getty std.9600" dialup off secure
ttyu1 "/usr/libexec/getty std.9600" dialup off secure
ttyu2 "/usr/libexec/getty std.9600" dialup off secure
ttyu3 "/usr/libexec/getty std.9600" dialup off secure
# Dumb console
dcons "/usr/libexec/getty std.9600" vt100 off secure
编辑 /etc/ttys 以使该行:
console none unknown off secure
替换为:
console none unknown off insecure
另外,您的配置中应该只有一根控制台线。