Recently I was asked to reset root password on some long forgotten Debian box. It was an easy and straightforward task, but, as there are some interesting pitfalls, I will describe the whole process of acquiring root shell without password using single-user mode and a couple of ways to prevent it.
You have probably already noticed my favorite way to overcome the sudo redirection issue, but if you haven’t, then I will write it down here for further reference.
By default dmesg command print kernel ring buffer using the timestamp for each logged message. It is easy to change this behavior and display date/time in a human-readable form using just one additional parameter. Still, sometimes it is not supported, so I will shortly touch upon this topic.
It is very easy to tell how long the system has been running using uptime command, but the information when exactly it was booted is not so apparent, so I will show you two different ways to get it.
Static key configuration is the easiest and shortest way to set up OpenVPN tunnel.
I am using Firefox web browser most of the time, but you need to know that I have drawn a clear line between daily browsing and strictly private usage by using browser sandbox. I will shortly describe whole process so you could also benefit from it.
Last year I wrote a short article about how to set up SSH port forwarding but I forgot to mention that you can quickly terminate existing port forwardings and create new ones during the SSH connection.
Today I will mention about arpwatch utility (developed by LBNL’s Network Research Group) as it is a small and very useful tool that will keep track of the Ethernet/IP address pairings and log every change which you can monitor and analyze.