LinuxQuestions.org
Visit Jeremy's Blog.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 02-12-2009, 02:09 AM   #1
seanlanter
LQ Newbie
 
Registered: Feb 2009
Posts: 3

Rep: Reputation: 0
RHEL default accounts


I have just inherited a server running a basic installation of RHEL. Is there a default password for root? (I am just starting to dig through documentation, but I am also a little impatient...)
 
Old 02-12-2009, 04:20 AM   #2
Azzath
Member
 
Registered: Jan 2005
Location: Russia
Distribution: Mandrake, CentOS
Posts: 138

Rep: Reputation: 16
If you want then you can reset the root password as long as your infront of the actual machine. this link would give you a better idea of how to do it.

http://www.go2linux.org/fedora-cento...sword-recovery

Hope this helps.

- A.
 
Old 02-12-2009, 04:20 AM   #3
acid_kewpie
Moderator
 
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,417

Rep: Reputation: 1974Reputation: 1974Reputation: 1974Reputation: 1974Reputation: 1974Reputation: 1974Reputation: 1974Reputation: 1974Reputation: 1974Reputation: 1974Reputation: 1974
That wouldn't be a very good idea now would it?? No, there's no default password, and if you've *inherited* on, if anything like that was left as default on the last guys watch he deserves shooting.

http://www.linuxquestions.org/questi...loader-410226/
 
Old 02-12-2009, 04:17 PM   #4
seanlanter
LQ Newbie
 
Registered: Feb 2009
Posts: 3

Original Poster
Rep: Reputation: 0
Thanks for the feedback --

1) No, a default password for root wouldn't be a good idea, I was just hoping.

2) But I do have access to the box itself, and I own it now, so I will follow the article and reset it.
 
Old 02-12-2009, 05:23 PM   #5
jstephens84
Senior Member
 
Registered: Sep 2004
Location: Nashville
Distribution: Manjaro, RHEL, CentOS
Posts: 2,098

Rep: Reputation: 102Reputation: 102
well you could just boot up with knoppix, mount the drive, then blank out the password in /etc/shadow. Or I think you can get a full blown login by booting into single user mode. If that is the case then just run
Code:
passwd root
 
Old 02-13-2009, 02:51 AM   #6
lazlow
Senior Member
 
Registered: Jan 2006
Posts: 4,362

Rep: Reputation: 172Reputation: 172
seanlanter

Unless there is something that you absolutely need off that drive, just do a fresh install. There is no real way to determine what the previous owner set up on the machine. He may have altered things to allow him access to the machine any time it has access to the net. He may also have cluster Fracked up things that are easy to deal with, if you know that they were done, but can cause untold PITA if you do not know specifically what was done. If you do a fresh install you know exactly what you are dealing with and how secure you are.
 
Old 02-13-2009, 04:23 AM   #7
acid_kewpie
Moderator
 
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,417

Rep: Reputation: 1974Reputation: 1974Reputation: 1974Reputation: 1974Reputation: 1974Reputation: 1974Reputation: 1974Reputation: 1974Reputation: 1974Reputation: 1974Reputation: 1974
Quote:
Originally Posted by jstephens84 View Post
well you could just boot up with knoppix, mount the drive, then blank out the password in /etc/shadow. Or I think you can get a full blown login by booting into single user mode. If that is the case then just run
Code:
passwd root
how is that a just, compared to just booting to single user mode?
 
Old 02-13-2009, 04:24 AM   #8
acid_kewpie
Moderator
 
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,417

Rep: Reputation: 1974Reputation: 1974Reputation: 1974Reputation: 1974Reputation: 1974Reputation: 1974Reputation: 1974Reputation: 1974Reputation: 1974Reputation: 1974Reputation: 1974
Quote:
Originally Posted by lazlow View Post
seanlanter

Unless there is something that you absolutely need off that drive, just do a fresh install. There is no real way to determine what the previous owner set up on the machine. He may have altered things to allow him access to the machine any time it has access to the net. He may also have cluster Fracked up things that are easy to deal with, if you know that they were done, but can cause untold PITA if you do not know specifically what was done. If you do a fresh install you know exactly what you are dealing with and how secure you are.
may be a "nice to have" but it's hardly likely that a server in a commercial environment would ever just get rebuilt on a whim.
 
Old 02-13-2009, 09:08 AM   #9
jstephens84
Senior Member
 
Registered: Sep 2004
Location: Nashville
Distribution: Manjaro, RHEL, CentOS
Posts: 2,098

Rep: Reputation: 102Reputation: 102
Quote:
Originally Posted by acid_kewpie View Post
how is that a just, compared to just booting to single user mode?
Its not. I just wanted to give more than one option.
 
Old 02-13-2009, 12:35 PM   #10
lazlow
Senior Member
 
Registered: Jan 2006
Posts: 4,362

Rep: Reputation: 172Reputation: 172
acid_kewpie

If this is in a decent commercial environment they would have the passwords stored somewhere(sysadmin gets hit by a train etc). Since the passwords are not stored somewhere, it brings into question security concerns. These days security is more than a "whim" for most companies.
 
Old 02-13-2009, 02:22 PM   #11
acid_kewpie
Moderator
 
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,417

Rep: Reputation: 1974Reputation: 1974Reputation: 1974Reputation: 1974Reputation: 1974Reputation: 1974Reputation: 1974Reputation: 1974Reputation: 1974Reputation: 1974Reputation: 1974
hmm, no I wouldn't say so. To me this sounds like an internal server, not online in anyway. It's a smallish company without a suitably detailed / inforced IT security policy. I wouldn't say a threat or risk comes from an unknown password in this instance. I've been there, and it's just a bit lazy / amateur. Nothing worse than that. Of course, that's my assumption only...
 
Old 02-15-2009, 04:41 AM   #12
seanlanter
LQ Newbie
 
Registered: Feb 2009
Posts: 3

Original Poster
Rep: Reputation: 0
Thanks, everyone, for the inputs. This, indeed, turned out to be an internal server, dedicated to hosting a specific test tool in an isolated test lab. And in some sense, what I inherited was actually a corporate reorganization: in the process of getting the OK to re-install RHEL, we bumped into someone who knew someone who knew who to ask for the password (not quite 6 degrees of separation, but getting close!). So today we are up and running, the password is safely stored elsewhere, and I have garnered a lot of helpful information in case I really do run into the situation we thought we had to begin with. Thanks again, this forum is terrific!
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Default Accounts of SUSE Linux Ent. Server v9 Bace Rock Linux - Newbie 0 12-01-2008 06:10 PM
Default user accounts in Unix Operating system srihariv Linux - General 2 03-31-2008 07:43 AM
block accounts default from pop3 or imap Gran_Maestre Linux - Security 1 02-19-2008 12:23 AM
what are default user and group accounts in the linux system used for? devenix Linux - General 1 02-12-2008 03:32 PM
Adding default Dir to New user Accounts Joshsawyer77 Linux - General 2 01-25-2003 03:38 PM


All times are GMT -5. The time now is 11:39 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration