Can't logon to Linux after manually modifying /etc/passwd file
Linux - SecurityThis forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
digen is right about telnet, but it seems you have edited a line in /etc/passwd, first we need to know: can you log in at all? (remote through ssh or local on the terminal).
I dont see why you couldnt login through telnet, but can through ssh. They use the same file (/etc/passwd).
Maybe you accidentally removed a ':', resulting in perhaps an empty password (try that).
Remember: /etc/passwd format: Name:Password: UserID:PrincipleGroup:Gecos: HomeDirectory:Shell
Where nowadays we use 'shadowed' passwords, the 'Password' field would read 'x', for better security.
These days we dont see clear text passwords anymore in the /etc/passwd, as we should. Try the UserID as the password (for root that is '0').
If nothing helps my best bet is a boot from boot-root floppies, mount the root on a temporary mount and edit the /mountpoint/etc/passwd to make it work again.
Good luck!
If I could access the server I would have installed SSH and followed your instructions but unfortunately I can't.
Please note that no one can access the server anymore. The /etc/passwd file is now locked. Is there any clear way to unlock this file?
You're going to have to take that machine down to single user mode and remove that line.
1) you don't have the correct number of fields
2) you've put 0 where the passwd should be
3) usernames can't be NULL
And so on... but no one can login until you remove that entry because you've hosed /etc/passwd.
I hope you have physical access to the machine or the phone number/email of someone who does. And if the latter case is true, blame it on vi... don't tell them you did it intentionally.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.