If you are booting an older version of the Network Security Toolkit (release
1.0.4 or earlier), or you have specified
one of the bare bones boot options (like
base, mbase or any other
option which does not include NST_UTILS in
the boot options flag), the Network Security Toolkit will boot with a initial
password of nst@2003.
If you skipped running the
nstisopasswd-1.2.3.bash command
mentioned in the Downloading And Burning The
ISO Image, you will be forced to set the
initial system passwords each time you boot the NST. The
password specified will be required when you try to access the
system (only the password will be changed, you will still access
the system as the "root" user).
The nstpasswd command is used to change
many of the crucial system passwords associated with the
NST. This utility sets many different passwords in a single
shot. For example, I can change the password to
letmein with the following command (the new
password is not echoed):
Figure 6.1. Changing All of the NST Passwords
[root@probe root]#nstpasswdNew NST Password: Retype new password: Successfully updated password for 'root' in /etc/shadow Successfully updated password for 'root' in /etc/httpd/conf/htuser.nst Successfully updated 'authorized_keys' file for 'root' and 'vpn' users Successfully updated password for 'root' in /root/.vnc/passwd Successfully updated password for 'root' in /etc/samba/smbpasswd Wed Apr 21 14:21:20 2004 Initializing gdbm databases Wed Apr 21 14:21:20 2004 Now running as requested user 'ntop' (100:101) Wed Apr 21 14:21:20 2004 Admin user password has been set Successfully updated password for 'admin' in /var/ntop/ntop_pw.db[root@probe root]#
As the output above shows, many different passwords on the
Network Security Toolkit probe have been changed to my new setting
letmein. From this point on (until reboot),
the new password will be required to gain access via a console,
a serial port, a ssh connection,
VNC connections, the Web User Interface
(WUI), etc.
You must specify a password that is at least 6 characters long. The alphanumeric characters ([0-9], [a-z] and [A-Z]) will always work. Some special characters are acceptable (like [@]), however, NOT all special characters are acceptable. So, if you have your heart set on passwords like "!@#$%^", and they don't work, we really aren't that interested in hearing about it.
If you struggle with coming up with passwords, give the pwgen utility a try (its included in the NST distribution). The random set of passwords it generates each time its run is pretty impressive.