Hey guys. I’m new to Linux and I’m running Linux Mint 21.2 Cinnamon. Yesterday I have f*cked up. I was testing things in users and geve myself standart priveledges insted of Admin ones I had from beggining and then restarted PC. I then tried log back into users tab and change myself back to Admin but even tho the password is correct It says that it is not. /So at this point there is only one user in PC who has standart privliedges and no Admin./ I then tried to access root via terminal and this time It said that I don’t have permision to do that. And this is where I’m at right now. Please help get back my admin privliedges.
Edit: Issue is fixed. I started GRUB and changed my password which fixed the whole issue. Once again big Thank you to everyone who gave me tips and also big thank you to the guy who started posting about rowing machines. You all wonderful.
If you’ve lost root credentials you can always bypass them.
https://www.tecmint.com/reset-forgotten-root-password-in-ubuntu/
When your in after this point you can reset the password to something you know then continue from there.
Wait wtf? You can just reset root password that easy? What’s even the point of having a password, if all of your data and info is so easily accessed if someone gets physical hold of the machine. I guess so software/remote hackers can’t get your stuff, but still. This seems wild to me, I dunno.
New to Linux so I’m sorry if I’m being ignorant, but it does seem crazy you can get access to a machine without the password.
Edit: Thanks for all the comments below! I guess I’ve been spoiled by BitLocker in Windows being enabled by default and not having to think of disk encryption. Appreciate everyone’s time and responses!
Linux can do it to Windows machines too. If it’s not encrypted, USB drive is all it takes.
If it’s not encrypted, a live usb can read all the data on any machine anyway.
There needs to be some mechanism to recover your machine should this happen. It’s not that much more difficult to do it on a windows machine either.
The truth of the matter is is if somebody has physical access to your machine it’s not your machine anymore. They can pull out the hard drive and plug it into a machine that they have a password for and read from it if it’s not encrypted. So on and so forth.
Which is why you never throw away a computer with the drives in it and you never throw drives away without physically destroying them. Don’t give other people the chance to see your weird shit.
If an attacker has physical access then you’re already screwed in most cases.
Pretty much. Even if an attacker can’t boot your system, if they have physical access they can just pull your hard drive and mount it on a system they can boot. Only encryption can prevent this. Linux security was originally meant for keeping unprivileged accounts on multiuser systems from messing things up for others on the same machine. It can stretch to some other use cases, but is not a panacea for everything.
And even password based disk encryption can be defeated with 2-3 physical accesses if an organization wants to hard enough. Keyloggers can be very, very sneaky.
At that point you’d have to roll something like Yubikey-based disk encryption to be safe, because this re-establishes control over some physical parts of the system. Until they find the backup Yubikey you had to not lose all data by losing the primary key you’re carrying around to maintain control over it.
It’s not a battle the defending side can win.