Password mistakes in CLI.

I'm used to booting FreeBSD in CLI mode and then starting the GUI with the startx command, and it works quite well. But there is this: sometimes it happens that I forget to enter my username at the login prompt and type my user password instead. And when I wanted to switch to root, instead of typing the su command, I accidentally entered root's password in clear text on console.

I'm sure that these accidents are huge security risks if the system keeps records of them in its logs, that can potentially be read.

I know that the real solution is to be more careful when typing but sometimes this simply just happens.

The question is: should I use a graphical login manager with autologin to avoid this problem? And when switching to root, I probably should do that in a terminal emulator or use sudo or doas.

Thoughts?
 
And when I wanted to switch to root, instead of typing the su command, I accidentally entered root's password in clear text on console.
This is not a big problem but depends on the shell you're using. That password may have been recorded in the shell's history. With sh(1) this isn't a big problem, the shell's history isn't persistent. Just log off and the history is gone.

With tcsh(1) you can use this little trick:
  • Save the history: history -S
  • Edit ~/.history with an editor, remove all the occurrences of the password. Also remove the line above it, which looks like #+<long number>, that's the timestamp of the 'command'.
  • Load the edited history: history -L
For bash(1) you can simply edit ~/.bash_history.
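
The editing step from the reply above can be scripted; this is an added example, not code from the thread. The function names scrub_history and demo are hypothetical, and the sample history and the stand-in password are constructed. For tcsh, run it between history -S and history -L.

```shell
#!/bin/sh
# Added example: scrub a mistyped password from a saved shell history file.
# Usage: scrub_history FILE
# The string to remove is read from stdin, never from argv, so it does not
# land in the history or the process list a second time.
scrub_history() {
    file=$1
    if [ -t 0 ]; then stty -echo; printf 'String to remove: ' >&2; fi
    IFS= read -r secret
    if [ -t 0 ]; then stty echo; echo >&2; fi
    [ -n "$secret" ] || { echo "empty input, nothing done" >&2; return 1; }
    tmp=$(mktemp "${file}.XXXXXX") || return 1   # mktemp creates it mode 0600
    # tcsh writes each entry as "#+<timestamp>" followed by the command line.
    # Hold the timestamp back until the line after it is known to be clean.
    SECRET=$secret awk '
        /^#[+][0-9]+$/ { if (held != "") print held; held = $0; next }
        index($0, ENVIRON["SECRET"]) { held = ""; next }   # fixed-string match
        { if (held != "") print held; held = ""; print }
        END { if (held != "") print held }
    ' "$file" > "$tmp" && mv "$tmp" "$file"
}

# Constructed sample in tcsh format; "hunter2-constructed" stands in for
# the password that was typed at the prompt by mistake.
demo() {
    h=$(mktemp) || return 1
    printf '%s\n' '#+1700000001' 'ls -l' '#+1700000002' 'hunter2-constructed' \
        '#+1700000003' 'su' > "$h"
    printf '%s\n' 'hunter2-constructed' | scrub_history "$h"
    cat "$h"; rm -f "$h"
}
```

Files without timestamp lines, such as a plain ~/.bash_history, go through the same function: only the lines containing the string are dropped.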
 
I've done it before. It helps keep you from doing it again.
 