[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Preventing Single user mode booting
1. change your bios to boot from the HD first.
2. set a bios admin password.
3. remove "secure" from the console line in /etc/ttys. this make's it so a
password is required even for single user.
console "/usr/libexec/getty Pc" vt220 off secure
to
console "/usr/libexec/getty Pc" vt220 off
i've never done this but i believe this will work.
at work we have systems with sensors that detect if the case was
opened. when it boots the next time the bios tells you it was opened.
--
mike
>
> I'm pretty much an OpenBSD newbie, but I'll guess that the answer
> is no. If someone can boot their custom floppy, nothing, short of
> encryption, you change on the hard drive is necessary to mount the
> filesystem.
>
> I suppose you could recompile the kernel, changing the filesystem
> code to use some slightly different, incompatible, data structures.
> However, someone might could be consider a (really lame) form of
> encryption, which you have clearly ruled out.
>
> - Marsh
>
> On 18 Apr 2001, at 22:03, Chris Cameron wrote:
>
> > Simply put, whats the best way to prevent someone with only physical
> > access from reading whats on my Hard Drive? I'm pretty sure if it came to
> > it someone could just pop the drive into another machine, but I'm not all
> > too concerned about that, I'm more looking at if someone were to boot it
> > with a disk to put it in single user mode.
> >
> > Is this possible?
> > Encrypting files isn't an option.. Or encrypting select files.
> >
> > Thanks,
> > Chris
> >
> > --
> > "she doesnt beat me because i'm sexy like john ramero or captain planet"
> > - Noah A.
> >
> >
>
>
>