• Sign in to Neowin Faster!

    Create an account on Neowin to contribute and support the site.

Sign in to follow this  

Simple way to secure your root shell just a little bit more

Recommended Posts

-Alex-    101

Well, I liked it. Say what you want but I like it :p

Simply edit your shell login scripts file (/root/.bashrc) to include:

clear
echo "So you've found out the root password, now what?"
read P

if [ "$P" != "leeter" ]
then
 clear
 echo "I don't think so, goodbye!"
 exit
fi

clear

Or the one-liner:

clear && echo "So you've found out the root password, now what?" && read P; if [ "$P" != "leeter" ]; then clear && echo "I don't think so, goodbye!" && exit; fi; clear

Simply enter 'leeter' or whatever you specify when you get the prompt.

:)

Share this post


Link to post
Share on other sites
Fish    48

Thing is, if you saw this as you opened a root shell, you'd know that there is a modified bashrc. So, you'd open bashrc and you'd see what the "password" is.

Perhaps it would work better if it didn't say anything along the lines of "So you've found the root password...", but simply left you at a command prompt. You might think you could enter any command, but actually, the shell will close unless you give the correct "password" first. Then again, after a couple of attempts, you might suspect that bashrc had been modified in some way....

Is there no way of obfuscating the password in bashrc?

Edited by Mr Fish

Share this post


Link to post
Share on other sites
pyther    0

Couldn't that be halted with a simple Ctrl+C ?

Share this post


Link to post
Share on other sites
nuskool    0

worst...security...ever.

Share this post


Link to post
Share on other sites
Rudy    457
worst...security...ever.

+1

Share this post


Link to post
Share on other sites
adwin    0

If you want better security, configure your root device as an LVM/crypted AES....

Share this post


Link to post
Share on other sites
David Scaife    0

An encrypted volume won't do anything to prevent or stop an attack against a running system. It's not a bad idea, and it is better security-wise than the alternative, but it's more of a physical security consideration.

Regarding the original poster's idea, the reason it doesn't help security is that you're relying on two assumptions: that an attacker who knows your password has to execute (and can't read) your .bashrc file, and that your script can't be terminated before calling exit.

The first assumption is false. There is nothing requiring that the console read/execute your .bashrc (let alone requiring that bash run at all); an attacker could simply specify bash --norc as the program to run if they wanted a shell when they run su or connect through SSH or whatever, bypassing your extra password prompt.

The second assumption is also false; as pyther said, a simple ctrl+c would terminate the execution of your script and present the attacker with a shell.

Security is not a trivial thing to get right. Essentially what you have attempted to do is add a second password; an extension to your existing password if you will, which unfortunately doesn't work very well. You'd be better off just appending that extra string to the end of your actual password.

Edited by David Scaife

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

  • Recently Browsing   0 members

    No registered users viewing this page.