(?) The Answer Gang (!)


By Jim Dennis, Ben Okopnik, Dan Wilder, Breen, Chris, and the Gang, the Editors of Linux Gazette... and You!
Send questions (or interesting answers) to

There is no guarantee that your questions here will ever be answered. You can be published anonymously - just let us know!


(?) BIOS passwords - Bane of my existance

From Unidentified Querent

Answered By Ben Okopnik, Heather Stern

Can I send the Answer Gang a question and ask that I not be identified? PLEASE??? Reason: I feel stoopid enough already. Hey, you may decide that it isn't even a good idea to print this one. I doubt I would...

(!) [Ben] You really have no reason to feel stupid. Not knowing something does not equate to being stupid; as I tell the students in my classes, "educated is what you're supposed to be when you come out, not when you come in." However, I don't think that there will be any problem with honoring your request: Heather, the TAG's Answer Gal, scrubs off the e-mail addresses anyway, and I've already removed your name.
(!) [Heather] Yes. I can strip anybody who wants down to anonymous and I already make a sincere effort to scrub company references, etc from most things. Someotimes it matters (like when someone is a spokesperson for the company of a product we're talking about) but usually it is cruft and gets cut.
As Editor Gal I can make sure this thread is scrubbed thorughly of your identity, and will.

(?) It's really TWO questions but the second question is not necessary if you have an answer to the first (which I doubt).

(1) I read your "LILO:Password Protected Entries" article in the new March LinuxGazette. Though I do not have a LILO question, I'd like to ask you to follow up on something else you touched on in that article.

One of my toys is a CTX EzBook 800 laptop which is currently running SuSE 7. A while back, I thought it would be a good idea to block access to "Lorraine's" BIOS settings. I set the BIOS password so that access to the BIOS is blocked but booting is not. Good thing. I soon forgot the password.

(!) [Heather] Ut oh. This is below the scope Linux can probably help with, but read on.

(?) This isn't a HUGE problem since I don't have to access the BIOS very often but booting from a CDROM is now impossible (without using a boot floppy) and setting or correcting local time is a real pain in the rump (see question 2).

(!) [Heather] have you tried setting Linux' date and then:
hwclock --systohc

(?) I know BIOS backdoors exist but I've been unable to find one for mine.

(!) [Heather] /dev/nvram maaaaybe. Unfortunately it's laced with some righteous warnings and most people use it by figuring out what to do with it when they have normal BIOS access.

(?) Lorraine's got a PhoenixBIOS 4.0 Release 6.0.67A dated 1985 - 1997. In the year or so since I got stoopid, I've scoured the Internet for info on what the Phoenix backdoor might be - I found nothing. I even contacted the manufacturer, CTX, to see if they would help. All they would suggest was popping open the laptop and removing the BIOS battery, something I'm not sure I'd do even if I knew how to (yeah, I know I'm a wimp).

(!) [Heather] Opening the laptop may be tricky. The usual rule is There Are Lots Of Tiny Screw To Get Lost. Taking notes and not making sudden moves while it's half open (so you can see where plastic traces are plugged in before yanking them loose carefully) are both good.
But the BIOS is usually a watch battery and about as easy to deal with as a watch once you have it.
You may want to get printouts and take notes during bootup of things that are BIOS options as far as you know them. dmesg may help some.

(?) So... The questions remain: Do you know how to foil this sucker or, failing that, can you

(2) Tell me how to reset the BIOS time from within SuSE 7? That'd be a piece of cake with RedHat's linuxconf but I've yet to find anything in SuSE that would do the trick. Don't even ask about yast and yast2... Change time zone, yeah. Change time, no way.

(!) [Heather] Ah yes, this would be the hwclock command I gave above. You have to be root to use it.
As for linuxconf, err, I haven't had good luck with it myself. YaST (yess, that's really how the command is spelled) is the admin tool under SuSE, but as you can see, it's really more about installing stuff, not so much for sysadmin work.
(!) [Ben] Take a look at the 'cmostool' utility <http://www.ibiblio.org/pub/Linux/hardware/?M=A>;. It allows you to back up, modify, hex dump, etc. the CMOS - as well as deleting the whole thing (which wipes out the password.)
!!! WARNING WARNING WARNING !!!
Do not do this if you don't know what you're doing! Wiping your CMOS will make your system unbootable. You must know at least the CHS (cylinder-head-sector) values for your hard drive, and either know or be able to figure out the other necessary settings. If you dump your CMOS and get stuck, you are on your own!
Now that I've scared you into twitching fits and heebie-jeebies...
Most BIOSs today are auto-configuring, and will either auto-detect or give you the option of auto-detecting your HD; Phoenix BIOS certainly does that (it's been my favorite for many years now.) For myself, if I'm going to do that sort of thing - and I've worked on many, many machines where the owner had set a BIOS password and forgot it - I'll boot DOS, save a copy of the settings to a bootable floppy via 'savecmos', and only then blow away the password via 'cmosedit'. That way, if things go truly awry, I can at least get back to where I was and try something else. The 'savecmos' utility (including 'cmosedit') is available all over the Net, e.g. <http://members.tripod.co.uk/paulc/cmosutil.zip>;.

(?) P.S.: I bought this laptop new from Sears (don't laugh) and have the receipt and everything. Honest!

(!) [Ben] I will be certain to stop by and check up on you. Have them ready, and be afraid. Be very afraid. :)
(!) [Heather] Cool. Makes it lots easier to insure and all. It's entirely a side note, but http://www.mobilix.org has a nice list of laptop resources.

(?) Thanks!!!
Signed: Stoopid


This page edited and maintained by the Editors of Linux Gazette Copyright © 2001
Published in issue 65 of Linux Gazette April 2001
HTML script maintained by of Starshine Technical Services, http://www.starshine.org/


[ Table Of Contents ][ Answer Guy Current Index ] greetings   1   2   3   4   5   6   7   8   9   10   11   12   13   14   15   16   17   18   19   20   21   22   23   24   25   26   27   28   29 [ Index of Past Answers ]