recovering from a forgotton logon password

Questions about Grub, UEFI,the liveCD and the installer
Forum rules
Before you post please read how to get help
Post Reply
barneyblogggs
Level 1
Level 1
Posts: 27
Joined: Mon Dec 29, 2014 7:40 am
Location: Newcastle, UK

recovering from a forgotton logon password

Post by barneyblogggs »

If I am reading this article correctly:

https://community.linuxmint.com/tutorial/view/1355

then in the event of my laptop being lost or stolen, my data isnt safe, even if the the home folder is encrypted (one comment to the post was offering advice on how to bypass the encrypted status)

So basically (if I am reading correctly) all a bad guy has to do once they have 'found' a Linux laptop is to edit the Grub and boot into a passwordless root shell, change the password of the user they have found by running cat /etc/passwd then they're in...

If the home folder is encrypted all they then need to do to get past this is to remove the login.keyring and the system creates a new one.

Is there anyway I can disable this.

Regards,
barneyblogggs

User avatar
Moem
Level 20
Level 20
Posts: 11120
Joined: Tue Nov 17, 2015 9:14 am
Location: The Netherlands
Contact:

Re: recovering from a forgotton logon password

Post by Moem »

barneyblogggs wrote:
Mon Apr 22, 2019 7:29 am
all a bad guy has to do once they have 'found' a Linux laptop is to edit the Grub and boot into a passwordless root shell, change the password of the user they have found by running cat /etc/passwd then they're in...
This is true. Note that on a Windows machine, it's not any harder, because while booted from a live Linux medium, all Windows files can be read.

It's not for nothing that people say that once you have physical access to the machine, you are basically root.

But I don't think it's correct what you wrote about encryption. After all, this is precisely what encryption is for: to block access to the files while the computer is in strange hands. If it were so easy to bypass, it would be useless.
Image

If your issue is solved, kindly indicate that by editing the first post in the topic, and adding [SOLVED] to the title. Thanks!

rene
Level 15
Level 15
Posts: 5937
Joined: Sun Mar 27, 2016 6:58 pm

Re: recovering from a forgotton logon password

Post by rene »

Indeed it's not that simple. If you change a user password as root, the user's home directory encryption key isn't changed along.

User avatar
absque fenestris
Level 8
Level 8
Posts: 2110
Joined: Sat Nov 12, 2016 8:42 pm
Location: Confoederatio Helvetica

Re: recovering from a forgotton logon password

Post by absque fenestris »

You can also encrypt the whole hard disk or SSD. Nothing is impossible, but the cracking just takes a little longer... :mrgreen:
Linux Mint 18.3 Sylvia (Mate) 32-bit - Acer D250 Netbook (Intel Atom N270, 2 GB RAM, 120 GB SSD)
Linux Mint 17.3 Rosa (Mate) 64-bit - MacBook Pro 15" (Intel Core2 Duo, 8 GB RAM, 240 GB SSD) - with some separation difficulties...

rene
Level 15
Level 15
Posts: 5937
Joined: Sun Mar 27, 2016 6:58 pm

Re: recovering from a forgotton logon password

Post by rene »

As with any security measure step 1, often skipped, is knowing what you are defending against. Full-disk encryption does provide for fewer attack vectors, but home directory encryption is in and of itself also quite secure, the main weakness being the ability to brute-force the login password, not the encryption itself. And while the NSA will have little trouble with most login passwords the average loser junkie who stole your laptop certainly will, as will most any honest or otherwise finder, without specific interest in any of your secrets but only in the newly obtained hardware.

User avatar
absque fenestris
Level 8
Level 8
Posts: 2110
Joined: Sat Nov 12, 2016 8:42 pm
Location: Confoederatio Helvetica

Re: recovering from a forgotton logon password

Post by absque fenestris »

Forum member rene has brought me back to the idea: with a lost password why not ask the official state administration?
:mrgreen: :mrgreen: :mrgreen:
Linux Mint 18.3 Sylvia (Mate) 32-bit - Acer D250 Netbook (Intel Atom N270, 2 GB RAM, 120 GB SSD)
Linux Mint 17.3 Rosa (Mate) 64-bit - MacBook Pro 15" (Intel Core2 Duo, 8 GB RAM, 240 GB SSD) - with some separation difficulties...

pbear
Level 14
Level 14
Posts: 5206
Joined: Wed Jun 21, 2017 12:25 pm
Location: San Francisco

Re: recovering from a forgotton logon password

Post by pbear »

barneyblogggs wrote:
Mon Apr 22, 2019 7:29 am
If I am reading this article correctly:

https://community.linuxmint.com/tutorial/view/1355

then in the event of my laptop being lost or stolen, my data isnt safe, even if the the home folder is encrypted (one comment to the post was offering advice on how to bypass the encrypted status)
Well, no, you're not reading it correctly. What the comment said was, "This kind of worked for me but I can't access my encrypted homefolder anymore (of cause I lost the paraphrase as well)."

By the way, you should be careful with old tutorials - and in Linux Land, five years is half an eternity. Here's a current link.

barneyblogggs
Level 1
Level 1
Posts: 27
Joined: Mon Dec 29, 2014 7:40 am
Location: Newcastle, UK

Re: recovering from a forgotton logon password

Post by barneyblogggs »

All,
Many thanks for the responses.
I am very relieved to hear that brute force decryption of an encrypted Home folder isnt a simple affair.
I for one am really happy to admit that I did not read that bit correctly.
So I dont need to start sleeping with my laptop under the pillow at night :-)

Regards,
barneyblogggs

JasonStonier
Level 2
Level 2
Posts: 67
Joined: Sun Oct 02, 2016 10:51 am

Re: recovering from a forgotton logon password

Post by JasonStonier »

barneyblogggs wrote:
Mon Apr 22, 2019 2:51 pm
So I dont need to start sleeping with my laptop under the pillow at night :-)
But if you choose to for personal reasons we won't judge you. Probably. :D

Post Reply

Return to “Installation & Boot”