Bugtraq mailing list archives

Re: Breaking in from the monitor at the console


From: mouse () Collatz McRCIM McGill EDU (der Mouse)
Date: Tue, 7 Jun 1994 08:25:49 -0400


> But if you lose the monitor password, a recovery procedure is
> documented.
> Why can't you "strings /dev/eeprom" and look at the first word, which
> is the monitor password I believe.

For one thing, that assumes the machine will boot far enough for you to
log in (as root, since presumably nobody else can read /dev/eeprom).
If it's set fully secure (eeprom secure=full), this is not normally the
case.  As for whether it's the first word, that is not true on the one
machine I just tried; it may depend on the machine (this was tried on a
SPARCstation 1+).

When I did "strings - /dev/eeprom", I got 8 strings:

        45670123
        31204567
        Ec#Y;A1y
        sd()vmunix
        le()vmunix
        0123
        ^L9600,8,n,1,-
        ^L9600,8,n,1,-

The third string has been changed, since that was the ROM password.  (I
replaced it with a now-used password from my use-once password scheme.)

Based on the output of /usr/etc/eeprom, here are my guesses:

        45670123                st-targets
        31204567                sd-targets
        Ec#Y;A1y                password
        sd()vmunix              boot-from
        le()vmunix              boot-from-diag
        0123                    sbus-probe-list
        ^L9600,8,n,1,-          ttya-mode
        ^L9600,8,n,1,-          ttyb-mode

Obviously, I could have ttya-mode and ttyb-mode reversed, and the ^L
before them is presumably a stray.

                                        der Mouse

                            mouse () collatz mcrcim mcgill edu
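
Added example (not part of der Mouse's post): a Python version of what `strings` does over a byte image, used to check whether a known monitor password sits in cleartext, where it sits, and whether the file is readable by anyone but its owner. The image layout, the helper names and the temporary file standing in for /dev/eeprom are assumptions; the strings are the ones quoted in the post.

```python
import os
import stat
import tempfile

PRINTABLE = set(range(0x20, 0x7F))  # printable ASCII only

def printable_runs(data, min_len=4):
    """Return (offset, text) for each run of >= min_len printable bytes."""
    runs, start = [], None
    for i, b in enumerate(data + b"\x00"):  # sentinel closes a trailing run
        if b in PRINTABLE:
            if start is None:
                start = i
        else:
            if start is not None and i - start >= min_len:
                runs.append((start, data[start:i].decode("ascii")))
            start = None
    return runs

def cleartext_hits(data, secret):
    """Offsets of printable runs that contain the secret verbatim."""
    return [off for off, text in printable_runs(data) if secret in text]

def readable_by_non_owner(path):
    """True if group or other has read permission on the file."""
    return bool(os.stat(path).st_mode & (stat.S_IRGRP | stat.S_IROTH))

# Constructed image: the strings from the post, separated by non-printable
# filler. The real EEPROM layout is not known here; this is not a dump.
FIELDS = [b"45670123", b"31204567", b"Ec#Y;A1y", b"sd()vmunix",
          b"le()vmunix", b"0123", b"9600,8,n,1,-", b"9600,8,n,1,-"]
IMAGE = b"\x01\x00" + b"\x00\x0c".join(FIELDS) + b"\xff\xff"

def demo():
    runs = printable_runs(IMAGE)
    hits = cleartext_hits(IMAGE, "Ec#Y;A1y")
    with tempfile.NamedTemporaryFile(delete=False) as f:  # stand-in for /dev/eeprom
        f.write(IMAGE)
    os.chmod(f.name, 0o600)
    strict = readable_by_non_owner(f.name)
    os.chmod(f.name, 0o644)
    loose = readable_by_non_owner(f.name)
    os.unlink(f.name)
    return runs, hits, strict, loose

if __name__ == "__main__":
    runs, hits, strict, loose = demo()
    for off, text in runs:
        print(f"{off:4d}  {text}")
    print("password at:", hits, "| 0600 exposed:", strict, "| 0644 exposed:", loose)
```
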


