LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices



Reply
 
Search this Thread
Old 09-02-2008, 11:27 PM   #1
rushenas
Member
 
Registered: May 2005
Posts: 34

Rep: Reputation: 15
Lost password


Hi all
I have editted the /etc/passwd file, and I have changed the root entry to admin. I've heard that this way I can increase my server security. But now I can't access my server! When I try to login with root, it says access denied. With admin, Linux says:
Code:
Permissions on the password database may be too restrictive.

Access denied
How can I access my system? The server runs SuSE Linux Enterprise Server 10. And I can access it physically.
 
Old 09-02-2008, 11:42 PM   #2
/usr/darien
Member
 
Registered: Mar 2008
Location: Virginia
Distribution: RHEL 4/5, Fedora 6-9, SuSE 10.1-11, Open Solaris 10.8, WinXP,2003,Vista
Posts: 59

Rep: Reputation: 15
You need to boot into single-user or runlevel 1. Do you know how to change into runlevel 3 during boot? If so, just replace the 3 with a 1. From there, you should be able to fix your problem.
 
Old 09-02-2008, 11:44 PM   #3
jschiwal
Guru
 
Registered: Aug 2001
Location: Fargo, ND
Distribution: SuSE AMD64
Posts: 15,733

Rep: Reputation: 655Reputation: 655Reputation: 655Reputation: 655Reputation: 655Reputation: 655
You want to change it back. You could try logging in as a regular user with "sudo" privileges and undo your changes. I'm assuming that "sudo" will work by changing the "EUID" to 0 regardless of your changes. Or boot up with a rescue disk or live distro; mount the partition with /etc/ on it and edit /etc/passwd as root.

I don't know why changing the name of root would increase security. True that root is a known name, but so is admin. Also, the /etc/passwd file is world readable, and anyone can look at the file and see what you did. ( grep ':0:0:' /etc/passwd )

IMHO, instead, you could restrict root logins to a security terminal (/etc/securetty), make sure the root password is very strong, and disable ssh root logins. You can also restrict what commands sudoers are allowed to perform, such as allowing rvim but not evim. If you run mysql, did you remember to give the root user a password, delete the anonymous user and the "test" database. Did you search your system for all suid programs. Look at every package you have installed. Are they all necessary. When it comes to security, less is more. (less installed is more secure) Learn how SELinux works so you understand it.
 
Old 09-03-2008, 05:13 AM   #4
Tinkster
Moderator
 
Registered: Apr 2002
Location: in a fallen world
Distribution: slackware by choice, others too :} ... android.
Posts: 23,005
Blog Entries: 11

Rep: Reputation: 903Reputation: 903Reputation: 903Reputation: 903Reputation: 903Reputation: 903Reputation: 903Reputation: 903
Quote:
Originally Posted by rushenas View Post
Hi all
I have editted the /etc/passwd file, and I have changed the root entry to admin. I've heard that this way I can increase my server security. But now I can't access my server! When I try to login with root, it says access denied. With admin, Linux says:
Code:
Permissions on the password database may be too restrictive.

Access denied
How can I access my system? The server runs SuSE Linux Enterprise Server 10. And I can access it physically.

That would have worked had you also changed
/etc/shadow to use admin instead of root.

As /usr/darien said: try to boot into single-user
mode specifying /bin/bash as your init on the boot
loader prompt (because these days most distros will
prompt you for a password just the same if you just
go 'single'). Or use a live CD to undo the changes.



Cheers,
Tink
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Lost Password ockertom Linux - Software 5 03-20-2007 12:49 AM
lost password Loretta59 Suse/Novell 2 05-12-2005 01:40 PM
I lost my password [BFK]BLASSON Linux - Security 3 05-05-2004 08:15 PM
Lost password mijohnst Linux - Security 2 04-06-2004 05:02 PM
lost password waxiem Linux - Software 5 07-04-2003 11:00 AM


All times are GMT -5. The time now is 01:43 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration