[Chester LUG] "Recovering" (SUSE) (root) passwords
Stuart Burns
stuart.james.burns at gmail.com
Fri Feb 26 16:19:15 UTC 2010
Alternatively when grub is starting spacebar and apend 1 to boot line
abd press b. Will boot into single user mode then use passwd
Sent from my iPhone
On 26 Feb 2010, at 16:02, Ben Arnold <iamseawolf at gmail.com> wrote:
> Afternoon --
>
> To follow up with yesterday evening's discussion, here is how to
> "recover" a root password on an installed SUSE (and other with slight
> modifications) Linux system. I use inverted commas because one doesn't
> recover it, it is chnaged to something new; likewise, other users' is
> just removed and re-set.
>
> These steps will only apply when GRUB is installed; other boot-
> loaders, like the one on the CD, need a slightly different process.
>
> The process involves starting the system in single-user mode
> (automatically logging in with the root account), changing root's
> password and optionally removing the password associated with other
> local accounts.
>
> 1) During boot, enter the GRUB boot-loader screen by pressing Escape.
> - This is where we select which OS to boot. Many contemporary distros
> use the 'hiddenmenu' feature, booting the default OS if the user
> doesn't hit a key within 5secs or so. Catch this time-out and display
> the GRUB menu proper.
>
> 2) Ensure the distro item is selected and press 'E'.
> - This will display the configuration for booting that particular OS.
>
> 3) Highlight the 'kernel' line and hit 'E'
> - This will edit the individual line of the configuration set.
>
> 4) Append to the end of this line the word 'single'
> - This option, or flag, tells the kernel to start a single-user
> console, rather than continuing a normal boot process with Init, after
> loading the kernel.
>
> 5) At the shell, change root's password with the 'passwd' command.
> - Single-user mode's single user is root. Double-check the currently-
> logged in user with the 'whoami' command, or make sure the prompt
> contains the hash symbol instead of the normal dollar sign.
>
> 6) Optionally, edit the /etc/shadow file to remove other users' -- not
> root's -- passwords. Remove the 2nd field.
> - The line should read something similar to:
> johndoe:$6$imR8AG.G$nK4HHDTraw.w7xN1IHAM5ot1dc:13562:0:99999:7:::
> johndoe::13562:0:99999:7:::
> but keep the colons. They're the delimiters that separate each field.
>
> - the /etc/shadow file mirrors the list of user accounts found in the
> /etc/passwd file. When a user attempts to log-in, the password entered
> is hashed and compared to the stored MD5 hash found in /etc/shadow.
>
> 7) Restart the system.
> - The only time you'll have to turn it off and back on again.
>
> 8) Log in as root with the new password.
> - If this is not accepted, reboot in to single-user mode again and
> re-set it.
>
> 9) Change other users' passwords using 'passwd username'
> - Root, as superuser, can change the passwords of others accounts.
> Other users, however, can only change theirs; sudo must be used for
> others.
>
> 10) Stick the kettle on.
>
> Again, this is a generic process that may be slightly different on
> SUSE, but it shouldn't. I'm pretty sure there isn't anything that can
> *totally* knacker up a box, but system-level stuff is always prone to
> slips :) (Confidence FTW)
>
> Hope it helps!
>
> --
>
> Ben Arnold
> Chester, UK
>
> e: iamseawolf at gmail.com
> e: ben at seawolfsanctuary.com
> w: seawolfsanctuary.com
>
> nom = { :cookies => :mouth }
> nom; nom; nom
> _______________________________________________
> Chester mailing list
> Chester at mailman.lug.org.uk
> https://mailman.lug.org.uk/mailman/listinfo/chester
More information about the Chester
mailing list