Path: utzoo!utgpu!news-server.csri.toronto.edu!rutgers!apple!ames!rex!wuarchive!zaphod.mps.ohio-state.edu!maverick.ksu.ksu.edu!unmvax!ariel.unm.edu!sfreed From: sfreed@ariel.unm.edu (Steven Freed CIRT) Newsgroups: comp.sys.dec Subject: Re: autoboot Message-ID: <1991Feb08.022302.26812@ariel.unm.edu> Date: 8 Feb 91 02:23:02 GMT References: <11858@helios.TAMU.EDU> <1904@riscy.enet.dec.com> Reply-To: sfreed@ariel.unm.edu Distribution: usa Organization: University of New Mexico, Albuquerque NM Lines: 37 In article <1904@riscy.enet.dec.com>, dbb@riscy.enet.dec.com (dave barrett) writes: > -- > In article <11858@helios.TAMU.EDU>, andrewd@cs.tamu.edu (Andrew Ted > Duchowski) writes: > |> If the DECstation goes down, it goes to single-user mode and sits there, > |> without prompting for superuser password or trying to get into multi-user > |> mode. > Shutdown and halt your system, and at the prompt type: > >> setenv bootmode a > This will cause the system to autoboot into multi-user mode if it goes > down. First of all, I assume that you are talking about systems with the new password protected ROMs in them. With that in mind, do not be foolishly led into believing that these systems are secure. They are not. They can be booted into single user mode by anyone at any time without the password. All you have to do is hit the reset button on the back, or better yet, the power switch. The machine will then try to boot into multi user mode, but, 9 times out of 10 (particularly if it is on a network) when it tries to fsck the disk, it will fail, and drop back into single user mode with a message such as: Disk inconsistancy, Please fsck by hand. Very quick, very simple. We have tried this many times here. We have found the only way to make it secure is to have the password protected ROMs AND a password protected init. Someday, DEC may also wake up to this fact. -- Thanks, Steve. sfreed@ariel.unm.edu