How to configure guest account (for computer repair)
Linux - SecurityThis forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
How to configure guest account (for computer repair)
Okay, story is I spill my soda on my keyboard and ended up in a 4 day war with my pc. Now my tab, capslock, left shift, and down vol no longer works. I'm going to take it into the shop in the next couple of days to probably replace the keyboard. (If only lenovo kept the easy access keyboards like ibm had on the thinkpads). Something tells me that they will want to log in and test out the keyboard. So I created a guest account with a simple password. I changed my normal user home dir to 770 permissions and changed guest's shell to /bin/rbash. (both found in other posts.) Is there anything else I should do to secure the computer while it is in the shop?
[I use su, sudo isn't configured to work (its a dependency so I can't uninstall)]. I have a pretty decent root password.
repo: I'm not sure if they use live cd's. However, I did forget to use encryption on my partitions. (I need to reinstall anyways as I screwed up the current install.)
Indeed, with a live CD and no further protection, like you disabling boot from anything but HDD and putting a password for the BIOS, they can use a live CD to root it. If the HDD is not encrypted, they can take it out, mount it, and access data.
Ah, got it. meh, not enough to get me more than 5 years. haha
I'm just looking at non liveCD and without taking out the hard drive, at the moment.
Is there any way to restrict 'guest' from accessing su? (entirely, not just to root)
Wouldn't it be the easiest thing to backup your data (I assume that you have done that already ), wipe the disk, and install a minimal system, such as FreeDOS, Tinycore or Slitaz? You should in every case backup your data, just because they may wipe the disk.
If you really don't want them to see what is on the HD, remove it before taking it in. They shouldn't need it to test the keyboard and if they really want to boot it up and run it, then they can put a HD in it or even use a liveCD. Otherwise, play it cool. The most likely scenarios are that either they are honest and won't look or have already looked at enough people's dirt that they have grown bored with trying and may not even bother with yours.
Unless you previously encrypted the home partitions, I can't think of anything you can do at this stage to prevent them from getting at your data. In fact, making it look like you were concerned about it is likely only going to entice them into wanting to see find your obviously trying to hide. Sometimes low key is almost as good as Fort Knox grade measures.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.