LinuxQuestions.org
Welcome to the most active Linux Forum on the web.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Reply
  Search this Thread
Old 07-04-2001, 06:58 AM   #1
michael brooks
LQ Newbie
 
Registered: Feb 2001
Location: Quakers Hill, Sydney, Australia
Posts: 2

Rep: Reputation: 0
Question unknown root password


I've reciently taken over the responsibility of network admin and was pretty damn ticked off to find out that the old guy had no knowledge of the root password for one of the servers. Although I've got the others under control, I hate the fact that I can't get into this one machine.

The machine runs SUSE Linux 6.2 and reloading is not an option. Does anyone know of a good method of cracking the password???
 
Old 07-04-2001, 07:12 AM   #2
trickykid
LQ Guru
 
Registered: Jan 2001
Posts: 24,149

Rep: Reputation: 269Reputation: 269Reputation: 269
the only way i know of is do a quick reboot into runlevel 1, change password and wa-la....
 
Old 07-04-2001, 10:06 AM   #3
raz
Member
 
Registered: Apr 2001
Location: London
Posts: 408

Rep: Reputation: 31
Hi Trickykid,

From the user manual of SUSE's 6.x version it says SUSE treats runleve 1 as a maintenance level for root users to configure environmental settings, with only 1 super user account allowed to login.

The word "Login" suggests it's going to prompt for a password. ?

Anyway from a search I dug up this which could help you regarding SUSE lost root passwords.

> 1) Turn on your computer,
> 2) wait til it says "lilo boot: "
> 3) type "linux init=/bin/sh", where you replace "linux" with the label
> you use for your default boot,
> 4) wait till you get a shell,
> 5) type 'mount -o remount,rw',
> 6) type 'passwd',
> 7) type your desired password
> 8) type sync or your changes will be lost upon reboot
> 9) type 'mount -o remount,ro /' just to be sure

I don't use Suse, but I would mount off a boot disk and edit the mnt/etc/shadow file changing the root users encrypted text to a blank :: Then login as root with a ^C when prompted for the password to skip it.

/Raz
 
Old 07-04-2001, 05:10 PM   #4
trickykid
LQ Guru
 
Registered: Jan 2001
Posts: 24,149

Rep: Reputation: 269Reputation: 269Reputation: 269
ok then, suse has to be different then and make runlevel one not a normal single user mode.
oh well....
 
Old 07-04-2001, 09:50 PM   #5
michael brooks
LQ Newbie
 
Registered: Feb 2001
Location: Quakers Hill, Sydney, Australia
Posts: 2

Original Poster
Rep: Reputation: 0
Unhappy

raz

I tried and tried your suggestions, but without sucess.

I got up to step 5 'mount -o remount,rw', but when i typed 'passwd' I was given the reply 'authentication token manipulation error'.

Any thoughts???

Other than a bloody big hammer.
 
Old 07-05-2001, 05:07 AM   #6
raz
Member
 
Registered: Apr 2001
Location: London
Posts: 408

Rep: Reputation: 31
hum, ok if it's getting that far it must think your have the correct id so instead of typing passwd at that point, why not edit the /etc/shadow file with vi and replace the encrypted bit in the file that looks like this.

root:$1%Nu5eP34$OFA6AAqDyYf6ui9khtw/k1:11487:0:99999:7:::
(this is just an example yours will look something like this)

Change it to

root:$1$h6pRbM3d$I.HG2RWyc.Ys9i7eOK0y6/:11487:0:99999:7:::
(make sure you type this in exactly)

Then continue with the rest of the command to no. 9 and reboot.

Then login as root with a password of "ihatemondays" and change it to something you won't forget.

/raz
 
Old 07-05-2001, 05:30 AM   #7
cinnix
Member
 
Registered: Jun 2001
Location: Northern Ohio
Distribution: RedHat, Engarde and LFS
Posts: 237

Rep: Reputation: 30
I don't understand how you are going to edit edit a root file without knowing the root password. If you can edit or even read this file without being root, then you may have some serious problems with your configuration. If this is the case I would moun the disk on another system, retrieve all of the important data and then do a fresh install.

You can try to check if you are root by doing a

echo $USER

Runlevel 1 is the single user level or maitenance level (means the same thing). If you cannot change your password from single user mode, then you may have a prolem with your pam libraries.

Try booting up with a bootdisk. and try mounting the root filesystem of your suse installation and editing the /etc/shadow file that way. If you do manage to get things working this way, I would look into why the way from raz would not work.

Why isn't reloading an option, reseting the root password is usually real easy to do. The directions from raz were correct. I am sensing serious server problems, which wouldn't surprise me. How was the old guy taking care of the server without having root access.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
How could normal user obtain root password or change root password ckamheng Debian 18 02-18-2009 10:28 PM
Unable to mount root fs on unknown-block pumaapple Linux - Newbie 1 09-17-2005 11:11 PM
Password Unknown cowpokeHenry Linux - Newbie 1 08-10-2005 08:10 PM
unknown id: root Smokey Slackware 3 12-05-2004 02:49 PM
Root mount in unknown filetype tvn Debian 8 07-10-2004 10:49 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 10:31 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration