Submit Hint Search The Forums LinksStatsPollsHeadlinesRSS
14,000 hints and counting!


Click here to return to the 'You can lock down Single User mode quite easily' hint
The following comments are owned by whoever posted them. This site is not responsible for what they say.
You can lock down Single User mode quite easily
Authored by: rodneyweston on Apr 24, '08 05:47:55AM

Aside from Open Firmware/EFI passwords, you can configure your Mac so that the root password must be entered in order to access Single User Mode. If your root account is disabled, then it is impossible to enter the root password, and Single User Mode cannot be started.

To do this, the console and ttys must be marked as insecure in /etc/ttys:

1. Log in as administrator
2. Open Terminal
3. cd /etc
4. sudo cp ttys ttys.old (backs up previous ttys config).
5. sudo pico ttys
6. Replace all occurrences of the word "secure" with "insecure" at any lines that do not begin with a "#"
7. Exit, saving changes.

These instructions are from the Apple Mac OS X Security Configuration manual.



[ Reply to This | # ]
You can lock down Single User mode quite easily
Authored by: nussbash on Jan 03, '10 07:04:36PM

This procedure works except that the password for login.keychain remains lost. What will reset that? Thanks!



[ Reply to This | # ]