 |
 |
Weird System Admin
|
|
|
|
|
Senior User
Join Date: Apr 2001
Location: Palo Alto, CA
Status:
Offline
|
|
A user at our workplace logged out of his home computer and found that one of his logged in users was the System Administrator. He claims he did not log in as root and his password is relatively secure (random name + 5 digits) and is not written anywhere.
My question could this have been a system quirk or would someone had to have logged in as root?
Would they have to have logged in physically on the computer to show up in the users pane or could it have happened remotely?
|
|
|
| |
|
|
|
|
|
|
|
Grizzled Veteran
Join Date: Apr 2001
Status:
Offline
|
|
Chances are pretty good that the system didn't spontaneously decide to log root in.
With that said, I think the default configuration for SSH is to not allow root to log in remotely (as it should always be).
He should check the output of the "last" command.
Does he have VNC installed or Apple Remote Desktop access turned on? If so, someone could have used Fast User Switching remotely to log in another account.
But incidentally if I came home and found root logged in on my box, I'd yank the Ethernet cable out in a heartbeat and leave it unplugged until I got an idea of what was going on.
There's not really enough information to determine for sure what happened.
Wade
|
|
|
| |
|
|
|
|
|
|
|
Senior User
Join Date: Apr 2001
Location: Palo Alto, CA
Status:
Offline
|
|
Here's another question from the same user... in trying to troubleshoot this issue, he put in new passwords both for himself and as root. But when he input his own password he thinks he mistyped so for example if his pass was eskimobread he might have mistyped eskimbread twice so it was accepted but not what he expected and because of this he could no longer log onto his user area.
Anyway the upshot was that he had to log into root to change his user password because however it was that he mistyped it he could not recreate it. BUT the keychain is still on the wrong mistyped password that he can't figure out. If he has root access can he get a keychain password that has been forgotten?
|
|
|
| |
|
|
|
|
|
|
|
Dedicated MacNNer
Join Date: Nov 2003
Location: Huh?
Status:
Offline
|
|
I don't know if you can do that with root since I don't have too much experience using root, but you might consider just booting from the System Disk and then selecting the Change Password option from the menu at the top. That might handle it, or, at the very least, it's another option.
|
|
"The captured hunter hunts your mind."
Profanity is the tool of the illiterate.
|
| |
|
|
|
|
|
|
|
Senior User
Join Date: Apr 2001
Location: Palo Alto, CA
Status:
Offline
|
|
He never did find the keychain password, but we had backed up recently so he replaced the keychain file with an old one which allowed him to use the old password.
|
|
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
 
|
|
|
Forum Rules
|
|
|
|
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
|
HTML code is Off
|
|
|
|
|
|
|
|
|
|
|
|
Top