Topic: Help forgotton root password

[satchmo]

Guys,

Sorry to post this n00b question in here, but I could find the same in any forums or contribs.

As the title says, Ive forgotten my root passowrd (doh!)
I can get in on the 'admin'account so i can still change stuff, but i need root so i can move some files around via ssh. and reset some permissions.

Can anyone help?

TIA

Satchmo

[Reinhold]

root-pw = admin-pw

 


Regards
Reinhold

[satchmo]

root-pw = admin-pw

 


Regards
Reinhold

Thats what i thought Reinhold - but it's not

[CheahCH]

> Thats what i thought Reinhold - but it's not

Do you mean you have changed the root password when you had access to a shell ?
Where are you trying to access it from ? Local?
By default as Reinhold has mentioned
root pwd = admin pwd
and
ssh from remote not switched on by default

In worst case boot to single user mode, you'll not be asked for a password. You'll be presented with bash which you'll be able to change the root pwd but you have to be at the local console.

[Reinhold]

satcho,

Are you sure SSH is active and it's not a CapsLock or NumLock problem?

If you did set a different root password at command line (which is a really bad idea !) do what CheaCH said ...in detail...

- Boot the SME box
- Wait for the SME Server splash screen
- Hit CTRL-X
- Hit TAB
- Enter the [image name] single
- Wait, then type passwd
- Enter new root-password (= admin-pw !!!)
- Type init 7 to go back to the std login prompt


Regards
Reinhold

[satchmo]

satcho,
If you did set a different root password at command line (which is a really bad idea !) do what CheaCH said ...in detail...

- Boot the SME box
- Wait for the SME Server splash screen
- Hit CTRL-X
- Hit TAB
- Enter the [image name] single
- Wait, then type passwd
- Enter new root-password (= admin-pw !!!)
- Type init 7 to go back to the std login prompt

Thanks very much that worked great!

[pen25]

if i may suggest something here. we might want to not give out this kind of information due to not knowing the use behind it. i know it sucks to be hard like this but id hate to see someone gain knowlegde on how to bypass server passwords like this just to get info.

[satchmo]

if i may suggest something here. we might want to not give out this kind of information due to not knowing the use behind it. i know it sucks to be hard like this but id hate to see someone gain knowlegde on how to bypass server passwords like this just to get info.

Hell! You're paranoid aren't you? Remember that this will only work if they have access to the box physically and can actually reboot the server. This knowledge is not hard to find out, check out a quick search on Google: http://www.google.co.uk/search?q=forgot+root+password%2Blinux&start=0&start=0&ie=utf-8&oe=utf-8&client=firefox&rls=org.mozilla:en-US:unofficial

If people want to hace into a server they will. We, as server admins, must make that task as hard for them as it is possible. We shouldn't rely on just a couple of security devices to think we have done the best we can to stop idiots entering our networks.

Think big locks

[Reinhold]

pen25

(0) Security by obscurity  DOES NOT WORK  
(1) What I described is BASIC LINUX KNOWLEDGE...

In summary: You trying to keep a secret that everyone else might know NEVER is a good idea !!!

1st law of sysoping:
Allowing physical access to hardware, especially a server - will doom you!

What you should do is describe the process you generated your "secrets".
Now show it to the world and see if there are clever people out there to show where you are unsafe.
("I" am sure anyone spending a lifetime in crypto will finally figure my autodidactic "genius" code)

Btw: The Linux password itself is a pretty safe "one way encode".
If you do not make a serious mistake in generating it  it THE PASSWORD ITSELF IS SAFE.
What we can & will do here is GUESS (=you made mistake, haX0r's lucky) or REPLACE (=access) it.

Regards
Reinhold