Linux root password mystery

[orb85750]

Well, I inherited an older Redhat Linux box.  The problem is that I don't have the root password!  Unfortunately, I think I already know the answer to this question, but is there any way to circumvent having to reinstall a new OS?!?

[AmigaHeretic]

Sure,

right after you power on the computer start tapping "F8" about once a second...

Now you get a prompt, select "SafeMode"...

It will boot, but this time you will see a hidden account called "Administrator" above the account that you don't have the password for , click on this "Administrator" account.

Now go to control panel and you can just delete or change the password for the other account.  

Bam!!  You're a hacker!!


Oops, wrong OS... Sorry :-(

[LoadWB]

Yes, there is.  And a good Google search should help, or searching the Red Hat support area.

In short, you will need a Red Hat boot CD, or any other "live" CD which can access the filesystem type used for the system (probably ext2 or ext3.)  Mount the main (root) partition, navigate to /etc and work with the passwd (and/or shadow?) file(s).  Make backups of the files, first.

I've had to do this on a few Solaris boxes, so I have that process down-pat.  Linux I've only had to do once, so my vision is a little hazy.  There's probably a better (read that as easier) way, something along the lines of the Offline Registry Edition for Windows, but for Linux.

HOWEVER, you might want the experience of loading your own operating system, anyway, even if you stick with Red Hat.  You can use a "live" CD to copy the files you want off the system and then reload.

[orb85750]

Thanks, now I need to find a RedHat CD, I suppose.  BTW, I love your TI 99/4A screenshot.  That was the first computer I ever owned.  Let's see, I suppose I was 11 or 12 yrs. old back then and doing more programming than I do now!  What a sad state of affairs.

[Piru]

@orb85750

Basically you boot in single user, edit /etc/shadow file and remove the password for the root user, save changes, reboot. You typically do not need any boot CDs for this.

One neat trick is:
Add "init=/bin/sh" to linux kernel boot command.

Then in shell:

Code: [Select]


mount -o remount,rw /
passwd
(enter the new password when prompted)
mount -o remount,ro /
sync

And then reset the system.

Different linux versions might have other easier means to do it, though. You could also ask google, which gives you detailed instructions for Redhat such as:
http://www.go2linux.org/fedora-centos-root-password-recovery
http://kbase.redhat.com/faq/docs/DOC-1193

[banzai]

orb85750 wrote:
Well, I inherited an older Redhat Linux box.

Just so we're clear here, which version of RedHat does it have? You see, RH dropped the "RedHat" name from all distros except their "Enterprise" versions (RHEL), and started using the "Fedora" name for the releases. That was about five years ago, as they release a new version of Fedora every six months, and they just got done with Fedora 10 (looks/works nice so far...).

Now, if you have anything earlier than Fedora 8 (like the box I'm using now), it would behoove you to just wipe and update with the newest distro. If there is data you're trying to grab, then Fedora 10 will boot in a "Live" mode, allow you to access the drive and pull off any data, then install over everything. NOTE: You'll need lots of RAM (512MB+) to boot a Live CD, although the HP Pavilion I have with only 300MB and 800MHz Celeron was able to do it - slowly.

Info, ISOs, and docs can all be found at the Fedora Project.

banzai
runnin' RedHat since 5.2!

[skurk]

Boot into runlevel 1.  When dumped into a shell, change the password and reboot (or continue the init process)

[LoadWB]

skurk wrote:
Boot into runlevel 1.  When dumped into a shell, change the password and reboot (or continue the init process)

Holy Snapple... uh, so you "own" the box if you own it, huh.  Every step of the way in Solaris requires the root password.  Single user mode, kdmconfig, even breaking out of the boot process for filesystem maintenance (manual fsck, if you don't have it set in vfstab) requires the root password.  I'm disappointed. :huh:

Thanks for the nod to my TI screen.  That was also my first home computer, though my first computer (at school) was both the Apple ][+ and Atari 800XL (or 1200XL, I forget now... I think we got the 800s and the teacher used a 1200.)  I still have my TI around, with the PEB and some cards, all stock (no hacks) and I program it on occasion.  Mostly now it's become a thing of wonder for my friends' children... they LOVE the machine!

[yakumo9275]

skurk wrote:
Boot into runlevel 1.  When dumped into a shell, change the password and reboot (or continue the init process)

wouldnt work on any of my boxes, you still need a password to log in. usually in this situation I just boot a live cd, mount the drive and remove the password from the /etc/passwd and reboot

[Colani1200]

LoadWB wrote:

Holy Snapple... uh, so you "own" the box if you own it, huh.

If you have physical access to a box, you always own it. No matter what system. (Using an encrypted filesystem can improve the situation though.)

Every step of the way in Solaris requires the root password.

Still it would be possible to take out the HD and mount it in another system.