Topic: Recover root password

[pietdejong]

Hi All,

Does anyone know how to recover a lost root password ?

I am simply asking out of interest.

Many thanks
Piet

[Jon_Reynolds]

Boot into 'single user' mode and mount the etc directory and change the root password using an editor or issueing the passwd command, I think. Someone correct me if I'm wrong.

Jon

[bobk]

Boot into 'single user' mode and mount the etc directory and change the root password using an editor or issueing the passwd command, I think. Someone correct me if I'm wrong.

Jon

Basicly correct but he is how to do it.

If you loose the "root" "admin" password do this -

hit CTL-X when the 'e-smith' or 'contribs.org' graphic comes up at boot-time. This puts it into lilo text input mode.
Type:

esmith single

This boots e-smith into single user mode and logs you on without a root password but with SU powers!

Now type

passwd root
enter the new root password and confirm

passwd admin
enter the new admin password and confirm (same as root)

Then type

init 7

[PhilV]

Ummm... maybe I'm stating the obvious here, but is this not a security problem? If someone has access to the main terminal, there is almost no point in having the password if ANYONE with this info can change it.

Phil

[Jon_Reynolds]

Hi Phil,

You are quite right in your response to this. There is a way to   disallow this. I can't remember how exactly this is done but it is actually quite easy. Maybe someone else could shed some light on this.

Jon

[stauder]

no. I still can use my CDROM based linux, mount the SME root filesystem and delete the password from /etc/shadow. FOr the case that you have no CDROM drive installed, i would take the machine physically

Ummm... maybe I'm stating the obvious here, but is this not a security problem? If someone has access to the main terminal, there is almost no point in having the password if ANYONE with this info can change it.

Phil

[schirrms]

Ummm... maybe I'm stating the obvious here, but is this not a security problem? If someone has access to the main terminal, there is almost no point in having the password if ANYONE with this info can change it.

Phil

Hi,

Generally speaking, at the moment you give a physical access to a server, and you accept a down time (shuting hard the system, reboot in single, change a password and then go back to level 7 is not exactly a discete action) there's no way to say that a system is still secure.
Even if the person with an access don't change anything on your filesystem, it's more than easy to do a complete copy of the drive(s), and there no security at all.

Regards,

[Boris]

If there is physical access to the server, there is no good protection from booting server off CDROM or floppy (or simply stealing the server). The only (presumable) good option is to encrypt file system on the server. This is not (yet) supported by SME.
You can chain server to the rack or desk, you can disable cdrom and floppy drive, disconnect and disable keyboard, but usually why not just limit the access to it by locking it in the (server) room?