-3

Please tell me, how can I install a backdoor so that I can reset the password from recovery mode, as well as from terminal. I would prefer that this be something that can only be done while installing and that it would notify you for a few days after installing that there is a backdoor so that you can't install Ubuntu on someone's computer with a backdoor to hack/crack there information.

rajlego
  • 833
  • 2
  • 11
  • 36

1 Answers1

5

You likely don't need a "backdoor".

You can reset the password for any user by booting to recovery mode or using a Live CD. Both these methods give you root on a system by virtue of having physical access. The only way to deny this sort of thing is using full disk encryption with a strong password you enter on boot... But yeah, that will deny any sort of recovery if you forget it.

If you need to handle this remotely, you could set a root password (sudo passwd) and enable root login in /etc/ssh/sshd_config but you should consider that a security risk. root login is disabled for a reason and I honestly don't think it's worth it...

Community
  • 1
Oli
  • 293,335
  • Why is root login such a risk? And what can I do to reset password or to make a way to reset password if I encrypt it? – rajlego Mar 17 '14 at 10:42
  • 1
    https://help.ubuntu.com/community/RootSudo (benefit number 5 is the best one, in my opinion) and as I say, LUKS is secure... Well, it's as secure as your passphrase. You can still run dictionary and brute attacks on it but the time to brute would be astronomical. – Oli Mar 17 '14 at 10:49
  • @rajlego The whole point of encrypting the drive is to make it so that you must enter the password. The only way to "reset" the password on an encrypted drive is to wipe the drive. Translation: If you encrypt your drive, don't lose your password. I suggest writing it on a (paper) card and putting that card someplace safe – Patrick M Apr 02 '14 at 09:16