password
Manuel Arostegui Ramirez
manuel at todo-linux.com
Mon Feb 5 16:50:07 UTC 2007
El Jueves, 19 de Febrero de 1998 12:49, Robert Stevens escribió:
> I purchased a computer on ebay with Fedora core. The Fedora core boots
> up, but asks for a user name and password and I can't go any further. The
> seller is not helpful. Is there any way I can get past the user name and
> password. This is a gateway computer. The computer is useless to me as it
> is. Bob
If you've lost your root password, you might be able to recover it this way.
However, some systems are protected with boot loader passwords that won't let
you do that without THAT password. If the boot loader is password protected,
you need to boot from other media - for newer systems, the install CD
probably has the recovery tools for that ("linux rescue" for example).
But let's try it the easy way first. The first thing to try is to boot to
single user mode. This MIGHT not work for you, because your system might be
configured to still ask for a root password to get to single user mode. If
that's the case, we'll use another trick that replaces init with /bin/bash.
First, try single user. If you don't see either a LILO or GRUB boot screen,
try hitting CTRL-X to get one. If it's LILO, just type "linux single" and
that should do it (assuming that "linux" is the lilo label). If GRUB, hit
'e", then select the "kernel" line, hit "e" again, and add " single" (or just
" 1") to the end of the line. Press ENTER, and then "b" to boot. (More modern
grub uses "a" to append to the boot line)
cartoon
You should get a fairly normal looking boot sequence except that it terminates
a little early at a bash prompt. If you get a "Give root password for system
maintenance", this isn't going to work, so see the "init" version below.
If you do get the prompt, the / filesystem may not be mounted rw (although
"mount" may say it is). Do
mount -o remount,rw /
If that doesn't work (it might not), just type "mount" to find out where "/"
is mounted. Let's say it is on /dev/sda2. You'd then type:
mount -o remount,rw /dev/sda2
If you can do this, just type "passwd" once you are in and change it to
whatever you like. Or just edit /etc/shadow to remove the password field:
move to just beyond the first ":" and remove everything up to the next ":".
With vi, that would be "/:" to move to the first ":", space bar once, then
"d/:" and ENTER. You'll get a warning about changing a read-only file; that's
normal. Before you do this, /etc/shadow might look like:
root:$1$8NFmV6tr$rT.INHxDBWn1VvU5gjGzi/:12209:0:99999:7:-1:-1:1074970543
bin:*:12187:0:99999:7:::
daemon:*:12187:0:99999:7:::
adm:*:12187:0:99999:7:::
and after, the first few lines should be:
root::12209:0:99999:7:-1:-1:1074970543
bin:*:12187:0:99999:7:::
daemon:*:12187:0:99999:7:::
adm:*:12187:0:99999:7:::
You'll need to force the write: with vi, ":wq!". (If that still doesn't work,
you needed to do the -o remount,rw, see above).
Another trick is to add "init=/bin/bash" (LILO "linux init=/bin/bash" or add
it to the Grub "kernel" line). This will dump you to a bash prompt much
earlier than single user mode, and a lot less has been initialized, mounted,
etc. You'll definitely need the "-o remount,rw" here. Also note that other
filesystems aren't mounted at all, so you may need to mount them manually if
you need them. Look in /etc/fstab for the device names.
Keep this in mind if you have a Linux machine in a publically accessible
place : without more protection, it's not usually hard to recover a lost root
password, which means it's just as easy for someone to CHANGE it, or access
root without your knowlege.
Another way to do this is to remove the password from /etc/shadow. Just in
case you screw up, I'd copy it somewhere safe first.
You want to end up with the root line looking something like this:
# original line
root:$1$EYBTVZHP$QtjkCG768giXzPvW4HqB5/:12832:0:99999:7:::
# after editing
root::12832:0:99999:7:::
If you are having trouble with editing (you really do have to learn vi one of
these days), you could just (after making a copy, of course) just
echo "root::12832:0:::::" > /mnt/etc/shadow
or, if you were in single user mode
echo "root::12832:0:::::" > /etc/shadow
and then fix things up when rebooted.
If using something like "linux rescue" or other boot media, if the recovery
disk doesn't automatically mount your disk, you need to do it manually. This
shouldn't be difficult unless you have an unusual disk controller. For
example, a Compaq raid controller will probably be /dev/ida/c0d0. Find the
partitions by using fdisk /dev/ida/c0d0 (just "p" and quit) and then mount
what you need.
If all else fails, consider that you can pull this drive (or install another
drive in this machine) and mount it from another running Linux. Then recover
the root password as explained above.
Hope this helps
--
Manuel Arostegui Ramirez.
Electronic Mail is not secure, may not be read every day, and should not
be used for urgent or sensitive issues.
More information about the fedora-list
mailing list