Linux - NewbieThis Linux forum is for members that are new to Linux.
Just starting out and have a question?
If it is not in the man pages or the how-to's this is the place!
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Introduction to Linux - A Hands on Guide
This guide was created as an overview of the Linux Operating System, geared toward new users as an exploration tour and getting started guide, with exercises at the end of each chapter.
For more advanced trainees it can be a desktop reference, and a collection of the base knowledge needed to proceed with system and network administration. This book contains many real life examples derived from the author's experience as a Linux system and network administrator, trainer and consultant. They hope these examples will help you to get a better understanding of the Linux system and that you feel encouraged to try out things on your own.
Click Here to receive this Complete Guide absolutely free.
Found this. Seems to be very straightforward and will most likely help you solve your problem. http://www.linuxforums.org/security/..._password.html
If you look below the main write-up there is a comment by another person- "One More Thing" - that is indeed the way I first suggested...so I guess I was right.
Last edited by Vincent_Vega; 11-28-2007 at 09:35 AM.
As you would have noticed, if you had done a search before posting, there are already several threads about losing or "losing" root password, and answers to the question "how to get it back?" (well, you don't, but you can reset it).
Anyway, after this you'll hopefully understand why it's so easy to reset one's root password, and what to do at minimum to make it more difficult. The usual methods are as follows:
- booting into single-user mode (no live-cds needed); if you haven't set bootloader password, and are able to boot into single-user mode, a root login can usually be obtained without any passwords. passwd then changes the password..
- booting from a live-cd or connecting the harddisk into another machine will, unless the disk (or at least root partition) is encrypted, reveal the passwd and shadow files and enable basically anyone to erase the password field and have access to root account
- loose sudo configuration usually means you can get root login anyway, so unless your sudo configuration is nonexistent or very strict, that's a way to go too
This will make you the "root" user without asking for a password. Once the system has booted, you can change the root password using the password command:
The instructions for GRUB users are similar. Press 'e' at the GRUB prompt to select boot parameters. Select the line for the kernel you want to boot, and go to the end of it. Add "single" as a separate word, and then press ENTER to exit the edit mode. Once back at the GRUB screen, press "b" to boot into single user mode.
Easy enough. Those steps are right-on. If you're using GRUB, you select your choice, press "e" to edit, add 'single' to the kernel line, press <ENTER>, and press "b" to boot. I have not done this myself but I have edited many grub entries at boot time.
Try one method and post back with your success or failure! We'll go from there.
This is actually a great way also! For the sake of simplicity, I definitely suggest using this method first. I see no reason why this will not work for you.**
Good idea, jschiwal!
** unless of course you are not a privileged sudoer!
Someone who isn't a member of the wheel group wouldn't need to change the root password.
I tried it, but I didn't actually carry through with it. I ssh'ed into an old Pentium III laptop I installed FC 6 on and tried it out. I got a "new root password" prompt, and then bailed. This might be different in RHEL. A member of the "wheel" group could be able to do this to the main "root" user. However, the main administrator would probably also have a regular account and be a member of the wheel group as well, so it wouldn't be hard to run "sudo passwd" to create a known passwd and then look in the logs and see who did it. Assuming the "wheel" member didn't hide his tracks.
I should have thought out my last response better. If you have FC6 and you indeed have many users and different wheel users, that user could also remove the root users regular account from the "wheel" group locking the main administrator out. I think the fix would be to change a line in a PAM configuration so that the old root password would need to be entered first. This would make using "sudo passwd" to reset a forgotten password impossible however. So it really depends on how well you trust the "wheel" members. On a corporate server, if the wheel members are employee's the main administrator with physical access to the server could boot up in rescue mode, reset the root password the old school way and find out how need to be fired. If it were a remote server, then this convenience may need to be plugged.
So I assume RH and Fedora make everyone members or the 'wheel' group? You sort of lost me because being a privileged sudoer doesn't necessarily mean you're a member of any particular group. On my system, I can change the root password the way you suggested but I didn't bother putting myself into the wheel group.
Is that a standard for RH?
...and has knockout_artist had any success with this? It's always nice to hear what everyone's help resulted in for those people who, in the future, have the same issue!
Last edited by Vincent_Vega; 11-28-2007 at 08:03 PM.