Linux - SecurityThis forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
These procedures work for Debian, most likely also for other distributions although some commands or paths might be different, depending your distro.
“I forgot the root password!” (1)
It is possible to boot a system and log on to the root account without knowing the root password as long as one has access to the console keyboard. (This assumes there are no password requests from the BIOS or from a boot loader such as lilo that would prevent one from booting the system.)
This is a procedure which requires no external boot disks and no change in BIOS boot settings. Here, “Linux” is the label for booting the Linux kernel in the default Debian install. At the lilo boot screen, as soon as boot: appears (you must press a shift key at this point on some systems to prevent automatic booting and when lilo uses the framebuffer you have to press TAB to see the options you type), enter:
boot: Linux init=/bin/sh
This causes the system to boot the kernel and run /bin/sh instead of its standard init. Now you have gained root privileges and a root shell. Since / is currently mounted read-only and many disk partitions have not been mounted yet, you must do the following to have a reasonably functioning system.
# mount -n -o remount,rw /
# mount -avt nonfs,noproc,nosmbfs
# cd /etc
# vi passwd
# vi shadow
(If the second data field in /etc/passwd is “x” for every username, your system uses shadow passwords, and you must edit /etc/shadow.) To disable the root password, edit the second data field in the password file so that it is empty. Now the system can be rebooted and you can log on as root without a password. When booting into runlevel 1, Debian (at least after Potato) requires a password, which some older distributions did not.
“I forgot the root password!” (2)
Boot from any emergency boot/root disk set. If /dev/hda3 is the original root partition, the following will let one edit the password file just as easily as the above.
# mkdir fixit
# mount /dev/hda3 fixit
# cd fixit/etc
# vi shadow
# vi passwd
The advantage of this approach over the previous method is one does not need to know the lilo password (if any). But to use it one must be able to access the BIOS setup to allow the system to boot from floppy disk or CD, if that is not already set.
Restore deleted critical files such as /etc/passwd
Debian stores backups of critical files such as passwd, shadow, aptitude config files, … on a regular basis in /var/backups. If you accidentally delete one of these files you can copy them back to the original location. After doing so you might need to reset the permissions on the files to 644.
There are some ways to become the administrator (a.k.a root) under linux. The first thing i would try is the sudo command. sudo allows you to run commands as another user. So to become the root user issue this on the command line
The su commands porpuse is to become the root user. The sudo command will surely ask you or a password. Just use your password.
If this does not work you can see if it does by looking at the last part of the prompt on the command line. It should read a '#' at the end (Normal users have a $ at the end) you have to go the long route.
Get your self a Linux CD or DVD or USB. Just something you can boot of into linux. Mount your root partition and do a chroot into the mount point. This is a very brief explanation. It just depends to much on the devices you have and your these are partition. So if the first approach does not work. Just check back and I'll provide further assistence.
Some infos I would need for this. Execute after you boot up from external media and have a command line ready
Not trying to get credit for someone else's work, just had this lying around in a txt document without even remembering where I got it. Sorry if copy/paste offends you. If we have to provide a reference link for all the item's we copy from other sites wouldn't our post be twice as large and thus more time consuming both in posting and in reading?
Not trying to get credit for someone else's work, just had this lying around in a txt document without even remembering where I got it.
Well, then you could have at the very least mentioned that in your post.
Sorry if copy/paste offends you. If we have to provide a reference link for all the item's we copy from other sites wouldn't our post be twice as large and thus more time consuming both in posting and in reading?
Copy/paste doesn't offend me. Plagiarism, on the other hand, is a really nasty habit.
And no, posting a reference link doesn't make your post twice as large. It can indeed add a few seconds to the total time it takes you to create your post, but it's the right thing to do.
I inserted a unique looking phrase in google, enclosed in double quotes, to find the source.
"you must press a shift key at this point on some systems to prevent automatic booting"
No, the original source appears to be the Debian reference which I linked above. What you've linked looks like just another blog which plagiarized it. That said, we've moved beyond this already, so let's try and stay focused on the OP instead.