Shadow password file
Vaughn Treude
plug-devel@lists.PLUG.phoenix.az.us
Wed Dec 3 11:57:02 2003
On Wednesday 03 December 2003 11:56, you wrote:
> Vaughn Treude wrote:
> > Hello all:
> >
> > I have a machine on which I have lost the root password. (Doh!) I was
> > looking for a workaround to reinstallation. I was thinking I could boot
> > it with Knoppix and replace the shadow password file. As a test, I
> > looked at the shadow password files on two different machines that
> > happend to be the same distro and have the same root password. The
> > encrypted entries for the root password were different! I can understand
> > this would be a security feature, but does anybody know of a wayI could
> > get my workaround scheme to work?
> >
> > Thanks,
> > Vaughn
>
> Can't you just reboot into single user mode where you will be dumped
> straight into a root shell ... where you can just passwd?
>
Good point. This one was a Mandrake system with a graphical login with three
fixed choices (linux, failsafe, floppy), so I couldn't do anything there -
though I'm sure that there must be a key I can press to dump it into text
login. In any case, rebooting in Knoppix and diddling the shadow file did
the trick.
BTW, if this machine wasn't safe inside my house I'd say the "reboot to
single user mode" sounds like a real security risk. I'm sure there must be
ways to lock that down, I'd be interested to see how they do it.
Vaughn
> If using LILO you can usually just type "linux single" at the lilo prompt
> ... you can do it with grub also ... just temporarily add single to the end
> of the line that mentions the kernel and boot from that (I don't remember
> the procedure exactly, but a little poking around and you can probably
> figure it out).
>
> This, of course, may be disabled.
>
> Austin
>
> _______________________________________________
> PLUG-devel mailing list - PLUG-devel@lists.PLUG.phoenix.az.us
> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-devel