My office recently purchased a business just north of us, and I have been put in charge of their IT stuff.

For the most part, they are Windows based. However, they have OpenSUSE 10.1 installed on a computer in the office that seems to be acting as a DNS and DHCP server. However, nobody at the office has any clue what the passwords are for that system, whether talking about the root user or either of the users set up on the computer. Heck, nobody seemed to know what the computer even did, all they knew was it was set up "sometime in November", that their network is much more stable since it was set up, and they left it alone (this computer hasn't been touched since November and it seems to be working perfectly... I can't imagine leaving a Windows server alone for 10 months). I only discovered the DNS and DHCP functions by looking at the ipconfig on the Windows workstations. It may be doing something else that I'm not aware of, which is the only thing thing keeping me from wiping the system and installing a different distro.

This server was apparently set up by a computer tech company in town that has since gone out of business, so I can't ask them, and nobody at the office knows anything about computers (finding the on switch is taxing some of them).

I am still something of a Linux newb, especially when it comes to the administration side, and I have done zero work with server-level functions. I started using Linux at home part-time about two and a half years ago, and switched to it as my primary OS last year, but I am more of a semi-advanced user rather than an administrator. And my experience comes from Debian and Ubuntu, not any variations of SUSE.

I've seen a few sets of instructions on how to reset the root password, but most of them seem to require (at least somewhere in the process) the ability to log in as a user, which I currently can't do because I don't know those passwords, either.

So if someone could either give me some instructions on how to reset all these passwords, or point me to some documentation that would show me how to do it, I would appreciate it. And it would be helpful (and won't hurt my feelings a bit) if you assumed I was a complete newb. I have wide enough gaps in my knowledge that you can't assume I know anything.

I will add that I'm not afraid of the command line. I am, however, concerned about messing up this server in a way that would keep them from working, which is something I'm not usually worried about when tinkering with my home system.

If you have access to the hardware, there is always a way to disable the password.

If the bootloader is not password protected, you can (at least with GRUB) stop the boot process and edit the kernel command to add the word "single". This puts you in single-user mode with no password + root powers. When the grub menu first appears, hit tab to stop the countdown, then "e" for edit. (I assume there is a similar proceedure for LILO.)

As a last resort, you can boot from a live CD Linux distro and edit the /etc/passwd file to remove the first "x" in the root entry. After editing, the line should look like this:
root::0:0:root:/root:/bin/bash
You will now be able to boot into the system and login as root with no password.

You could even grab another PC and set that up to provide the same function (DNS & DHCP) so you can remove the old PC and investigate it at your leisure. You'll know if it provides another function when you receive complaints from users

If you don't know the root password, you can not login into single user mode.

You must boot from SUSE cd #1 or DVD and continue with "Rescue System". Now you may login as root with no password. May be you think to make "passwd root" for resetting the root password, but it won't work. Because you are working on a ramdisk without your local disks mounted. So first you have to mount your / partition.

- mkdir /any_dir
- fdisk -l (if you don't know the partition order, you must try a bit for the correct partition)
- mount /dev/sda3 (or any other disk partition else) /any_dir
- vi /any_dir/etc/shadow

root:gF8DgBn0RvNcE:13613:0:10000:::: clear the crypted password ->
root::13613:0:10000::::
- init 6

and now you are able to login as root without any password.

There are some other ways (knoppix, etc.) for root password recovery but this is the simpliest way i think.

Conclusion: You lose everything if you lose the physical security of your servers..

You certainly can---I just did it on my machine!!!

What is the use of passwords if someone can get into your system with single user? Doesn't the "single" user have full permissions over the system while logging in as single? I'm really confused at how the single option works. If anyone could explain this more clearly, that would be great.

like cutegoat said
Single user mode is a mode in which a multiuser computer operating system boots into a single superuser. In other words, you're logging in as root without running all the background system processes or letting anyone else log in. You can use it to access low level system resources that would otherwise be in use. For instance if I wanted to restore one of my partitions to a previous state I might use single user mode.


That grub trick is a good idea. I'll have to try it and see if my systems demand a password for single user mode or if it's like pixellany said. Whenever I do a shutdown now without the -h it requires a password after going down, so I'm thinking they would. I usually load a liveCD, do a chroot, then run passwd rather than editing the password file manually. Thanks for the tip

If you have physical access to a computer, you can get in with full privileges. The only protection would be to lock the computer in a cabinet. Otherwise, the protection is simply that the average passerby does not know all the tricks.

I assume that the "single-user" designation somehow relates to the idea that--if you are the ONLY user--you must be the SUPER user.

This is all loosely related to the truism that "locks are for honest people". (Which is why none of my cars have alarms---and why some people do not lock their cars. (they don't want their car damaged while some thief is stealing their chewing gum.))

gotcha!! thnx

this is a interesting topic. the question if it is useful to have "single user mode" to crack the root password is of course necessary. On the other hand. Every guy, as pixellany said already, could - if he has physical access to the machine - take a live cd and boot from that to change passwords. But, nobody would ask: "why is it possible to change passwords with live cd's? prohibit them!"*g so, what is the essence?

and of course, pixellany is right, it is possible with opensuse to get into single user mode....

When I try mkdir I get the error "Cannot create directory "test" : read-only file system"

Did I miss a step?

Thanks for your help!
G

You must type -rw to option field while you while GRUB loading.

HI Pixellany

I have tried to edit the file for my root password and now when I try to open Yast it comes up with this error message
"Su returned with an error "

I did also try to follow another thread like this:

"- mkdir /any_dir
- fdisk -l (if you don't know the partition order, you must try a bit for the correct partition)
- mount /dev/sda3 (or any other disk partition else) /any_dir
- vi /any_dir/etc/shadow

root:gF8DgBn0RvNcE:13613:0:10000:::: clear the crypted password ->
root::13613:0:10000::::
- init 6 "

I guess I have messed up the user root. Do you know how I can go about to fix it. I dont understand, I had webmin installed and I could go in there to change the root password , it changed ok but I could not log on after that.

Please help

Many thanks