/target/etc/grub.d/01_PASSWORD from 2010 French forum post

1 reply [Last post]
cuvtixo
Offline
Joined: 09/10/2018

I hope this background isn't too trivial to bring up, but I recently, stupidly, lost the password to an encrypted disk of a brand new installation someone installed for me. I believe I must have made a typo in putting in a password at first boot; I set it up late at night after dealing with insomnia for a couple of nights. Bad idea. Being new to Trisquel, I looked up "trisquel default password" just in case it wasn't actually me who made this password (installing different linux distros is a kinda hobby of mine. Many, maybe most have default passwords). The first result on Duckduckgo is askubuntu.com and the second is https://trisquel.info/fr/forum/lost-password which is a 2010 posting that is just about entirely in English, so... a bizarre twist in the search. Anyone know why this search result would be case?
Forgive my long-winded windup to this point here: ruben posted there:
"In fact, Trisquel comes with that entry disabled to improve security.
If you want -and most important, know how- you can still enter in grub
edit mode and add the "single" parameter to boot in root mode.
Since that is also a security threat, since Trisquel 4.0 the edit mode
requires a password, which is random for every installation and lives
in /target/etc/grub.d/01_PASSWORD and only root can read it.
So, it is wise that the system administrator read that password and
note it down in case something goes wrong.
Haut"
I couldn't find "target", is 01_PASSWORD somewhere else now? I can't find it in "Issues". Magic Banana, who, by the way, reliably appears in all more recent "password posts", expresses some doubt about the utility of this feature then, for one because root users of bootdisks would still have access. I'm wondering if this continues to be the case, or was it removed as a security threat?

Magic Banana

I am a member!

I am a translator!

Offline
Joined: 07/24/2010

A GRUB password is almost always useless. Ruben (Trisquel's leader) has realized it: Trisquel 8 does not have such a password by default anymore. Of course GRUB can still be configured to set such a password.

Without encryption, you can use any live system to access the data and to even get a terminal on the installed system (through 'chroot') to set the password of any user (without knowing the previous one).

On the contrary, a password to encrypt an home folder cannot be changed without knowing or discovering (e.g., by social engineering or by brute force if the password is weak) the current one. If that would be the case, encryption would be as useless as a GRUB password. By default, the password to decrypt your home folder is the user password but changing that password will not change the password of the encryption.

Apparently, you actually have no data to recover anyway: just reinstall.

About the "fr" in the URL, it defined the preferred language for the site (https://trisquel.info/forum/lost-password or https://trisquel.info/en/forum/lost-password direct to the same thread) and has nothing to do with the French-speaking sub-forum, which is https://trisquel.info/forum/trisquel-utilisateurs