LinuxQuestions.org
Download your favorite Linux distribution at LQ ISO.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 01-26-2011, 08:05 PM   #1
micronda
LQ Newbie
 
Registered: Jan 2011
Posts: 1

Rep: Reputation: 0
linux login


I am being asked for a linux login password and I do not know it. I am using Suse 9.3. Is there any way to remove it?
 
Click here to see the post LQ members have rated as the most helpful post in this thread.
Old 01-26-2011, 08:23 PM   #2
deadalus.globalnode
Member
 
Registered: Feb 2010
Distribution: Arch linux and backtrack 4 r2
Posts: 53

Rep: Reputation: 3
A bit more infomation would be usefull. Are you getting a command prompt, or a Graphical login? I am assuming that this is your computer you are talking about.
 
Old 01-26-2011, 09:13 PM   #3
binary_pearl
Member
 
Registered: Jul 2007
Location: Chicago Illinois
Distribution: SLES 10 SP2/SP3, SLES 11 SP1, OpenSUSE, Sabayon, Gentoo, Fedora 14, RHEL 3/4/5/6
Posts: 98
Blog Entries: 3

Rep: Reputation: 23
root password hacking is fun! This is one of my favourite questions to ask in interviews for Linux people. Going along with deadalus.globalnode's comment, we'll assume this is your computer where you do have access to try these things. These methods are fairly advanced, but I'll try to give as much detail as possible.

First thing you need is a linux live distro. Any suse install or live disk should work. Assuming it's a suse disk, boot off the iso and go into "Rescue Mode". There should be a menu option when the cd boots.

One you get a root prompt: you have 2 options:

1. chroot into your system and run the password command
The first thing we had to do is identify your root partition:
Quote:
fdisk -l 2> /dev/null | grep dev | grep -v dm
Every system is different, so if you can post the output we can probably determine which filesystem is your root.

Once we know the root file system:
Quote:
mount /dev/$root_file_system /mnt
mount --bind /proc /mnt/proc
mount --bind /sys /mnt/sys
mount --bind /dev /mnt/dev
cd /mnt
chroot .
Some of the above commands may be a little overkill for a password reset, but it's good to do anyway, for future reference.

At this point you should be able to type the command: `password`. It should ask you for a new password. Type it in twice and should take effect.

Then:
Quote:
exit
umount /mnt/proc
umount /mnt/sys
umount /mnt/dev
cd /
umount /mnt
reboot
Again the above commands are a safe but paranoid way of rebooting. If you just reboot without doing the commands you will probably be OK.


2. Edit the shadow file with a known good password hash.
Thinking about it, this is actually even more advanced, so we'll leave this as a last resort if option 1 doesn't work

--Shaun
 
Old 01-26-2011, 09:33 PM   #4
deadalus.globalnode
Member
 
Registered: Feb 2010
Distribution: Arch linux and backtrack 4 r2
Posts: 53

Rep: Reputation: 3
If you are going to go all out, I would go with Backtrack 4.

Really any live linux cd that has perl installed will work just fine.
In addition to what binary_perl said you can do it is like so:

boot a live cd
open the password file in a text editor found at /etc/passwd
copy and paste the following into the file at the end:
myroot:XXq2wKiyI43A2:0:0:root:/root:/bin/bash

after you have saved the file, reboot. you login as "myroot" with "password" as your password ( with out the quote marks).

If you want a different password then use the perl command:
perl -e 'print crypt("your_password_goes_here", "XX"). "\n"'
and replace XXq2wKiyI43A2 with the out put of the command above.

I find this way a bit simpler.

Last edited by deadalus.globalnode; 01-26-2011 at 09:36 PM.
 
Old 01-26-2011, 09:38 PM   #5
TobiSGD
Moderator
 
Registered: Dec 2009
Location: Germany
Distribution: Whatever fits the task best
Posts: 17,130
Blog Entries: 2

Rep: Reputation: 4825Reputation: 4825Reputation: 4825Reputation: 4825Reputation: 4825Reputation: 4825Reputation: 4825Reputation: 4825Reputation: 4825Reputation: 4825Reputation: 4825
Wouldn't it be easier to first append init=/bin/bash to the kernel-line in grub, and then change passwords from there? May grub has no password set.
 
Old 01-26-2011, 09:48 PM   #6
binary_pearl
Member
 
Registered: Jul 2007
Location: Chicago Illinois
Distribution: SLES 10 SP2/SP3, SLES 11 SP1, OpenSUSE, Sabayon, Gentoo, Fedora 14, RHEL 3/4/5/6
Posts: 98
Blog Entries: 3

Rep: Reputation: 23
What deadalus.globalnode is describing is what I was calling option 2.

deadalus.globalnode: I have 2 concerns with your idea:
1. Does Backtrack try to figure out a root filesystem and make that the root filesystem when in it? My concern is that micronda may be trying to modify files in / that are part of the cd root file system, and not actually their filesystem.

I saw someone use Backtrack to easily break WEP keys once, I want to try it myself just haven't had a chance to

2. micronda probably needs to modify /etc/shadow instead of /etc/passwd. I can't say for sure, but most linux systems I believe use 'x' in the 2nd field of the /etc/passwd, as an indicator that the actual hash is stored in /etc/shadow. But I'm not sure if putting a hash in the 2nd field of /etc/passwd would still be valid or not.

This is why I like this as interview question, so many ways to go about it

--Shaun
 
Old 01-26-2011, 09:55 PM   #7
binary_pearl
Member
 
Registered: Jul 2007
Location: Chicago Illinois
Distribution: SLES 10 SP2/SP3, SLES 11 SP1, OpenSUSE, Sabayon, Gentoo, Fedora 14, RHEL 3/4/5/6
Posts: 98
Blog Entries: 3

Rep: Reputation: 23
Quote:
Wouldn't it be easier to first append init=/bin/bash to the kernel-line in grub, and then change passwords from there? May grub has no password set.
This is true, but I have had mixed results with this, that's why I didn't mention it. I mostly work with SUSE based systems, and at least roughly the newest (SLES 10 SP2 and later), init=/bin/bash I don't think works. I need to verify that though to say for certain.

But yes, if passing init=/bin/bash works, that is easier.

Basically (assuming grub is your bootloader): When you system is at the menu where you can choose your kernel: move the cursor to highlight the kernel you want to boot. Press 'e'. Move the cursor to the end and try to type ' init=/bin/bash'. This should hopefully bring you to a root prompt where you could type the `password` command to reset the password.

--Shaun
 
Old 01-26-2011, 10:45 PM   #8
deadalus.globalnode
Member
 
Registered: Feb 2010
Distribution: Arch linux and backtrack 4 r2
Posts: 53

Rep: Reputation: 3
In answer to your first question, No Backtrack treats the hard disk root partition as a disk to be mounted. So the user would have to figure out what partition contained / .

Backtrack can be a lot of fun, and if you do get a chance to play with it I think you will agree.

Quote:
Originally Posted by binary_pearl View Post
2. micronda probably needs to modify /etc/shadow instead of /etc/passwd. I can't say for sure, but most linux systems I believe use 'x' in the 2nd field of the /etc/passwd, as an indicator that the actual hash is stored in /etc/shadow. But I'm not sure if putting a hash in the 2nd field of /etc/passwd would still be valid or not.

--Shaun
You are correct in that /etc/passwd generally references the /etc/shadow file for security reasons, as well as substituting a x to show that the password is shadowed. However since the system checks the /etc/passwd file first, it is still a valid place for the password hash.

Last edited by deadalus.globalnode; 01-26-2011 at 11:14 PM.
 
2 members found this post helpful.
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
When power is reset Linux server sits at login prompt, want this to login automatical jenniekingsland Linux - Newbie 1 09-07-2010 08:29 AM
Eee PC 1000 Linux Laptop - Just setup a login account for privacy, now can't login!!! martinkettle Linux - Laptop and Netbook 3 10-28-2008 06:21 AM
cannot login to FC3 linux but can login to FC2 linux and windows XP boot powah Linux - General 3 04-18-2006 03:53 PM


All times are GMT -5. The time now is 10:34 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration