Cannot change root password (let alone standard user's password)

jbottiger · 01-06-2009, 09:33 AM

At the RHEL prompt, I entered the standard user's username/password combo. Linux displays a message box stating:

"Your account has expired; please contact your system administrator."

Next, I entered "root" in the username field and entered the root password (which expired also--keep in mind that passwords are set to expire after x days). Linux displays a message box stating:

"You are required to change your password immediately (password aged)."

When prompted to "Enter current UNIX password", I entered the new password (was that the right thing to do?); Linux displays a message box stating:

"The change of the authentication token failed. Please try again later or contact the system administrator."

I rebooted the system and got into command line mode; somehow I logged in as "root" (don't know exactly how, but needed to change the password there). At the "#" prompt, I type "passwd root"; Linux displays the message "Changing password for user root", followed by the message "passwd: Authentication information cannot be recovered."

Please advise. Thanks.

John B.

win32sux · 01-06-2009, 09:40 AM

Quote:

Originally Posted by jbottiger

When prompted to "Enter current UNIX password", I entered the new password (was that the right thing to do?)

No. The current password refers to the one that was currently set. This is asked for in order to confirm that it is indeed you changing the password and not someone else.

Quote:

I rebooted the system and got into command line mode; somehow I logged in as "root" (don't know exactly how, but needed to change the password there). At the "#" prompt, I type "passwd root"; Linux displays the message "Changing password for user root", followed by the message "passwd: Authentication information cannot be recovered."

Sounds like you booted into single-user mode. Try using "passwd" instead of "passwd root" and see if it makes any difference. Or alternatively, give the regular multi-user prompt above the correct password. BTW, I'm moving this to the Red Hat forum, as it's not a security issue.

jbottiger · 01-06-2009, 10:12 AM

Quote:

Originally Posted by win32sux

No. The current password refers to the one that was currently set. This is asked for in order to confirm that it is indeed you changing the password and not someone else.

Tried current password--received same authentication token error.

Quote:

Sounds like you booted into single-user mode. Try using "passwd" instead of "passwd root" and see if it makes any difference.

Same problem occurred with "passwd" (sans "root").

jbottiger · 01-06-2009, 02:29 PM

After further investigation with one of my colleagues and with Red Hat Tech Support, it appears that there are multiple versions of the /etc/shadow and the /etc/passwd files (e.g., with a "~" at the end) which differ from each other. My colleague used gedit which generated the passwd~ and shadow~ files, causing a slight corruption. Copied the existing passwd and shadow files to backup files, and copied the passwd~ and shadow~ files to the respective passwd and shadow files.

Bottom line, use "vi" or "nano" to edit the files, not "gedit" if you can.

Thanks for your help.

John B.

chrism01 · 01-06-2009, 08:03 PM

I think you're supposed to use vipw, if RH has that. Ideally you wouldn't edit the file directly anyway.