Authentication failure after changing root password in single user mode
 

Hi, I just inherited 4 servers running Ubuntu 14.04.5. The root passwords were changed prior to delivery and have since been lost. I booted into single user mode, typed "mount -rw -o remount /" and then used the passwd command to change the root password.

When I rebooted, I was able to login in as root (on a tty). I changed the root password again just so I have done it in normal multi-user mode. I could use the server as normal.

A couple of days later I tried to log in via tty again and the root password failed to log me in. I had to reboot into single user mode and repeat the password change process again. I have had to do this on all 4 servers and several times over. Why does the root password not 'stick' even after changing it a second time once I'm in multi-user mode?

I tried logging in at the tty using an account I created once successfully in as root. That failed too. I changed the root password in single user mode and logged back in as root after a reboot. Then I used su to login as myself, which worked. However, I then tried to su as root from there and it failed again with the message "Authentication failure".

I figured that I would try to install security updates so I tried running unattended-upgrades -d. After running the command, the message "No packages found that can be upgraded unattended and no pending auto-removals" was displayed.

I'm not in a position where I can just reinstall and start from scratch. I would appreciate any advice.

Thankyou

Why are you logging into UBUNTU servers as root? That is not normal. I try never to use the root accounts directly, always log in as myself and use Privilege escalation tools to run (and log) high admin operations.

Yes I understand. However, I have no other account that I can get in with. The account that I created for myself when I accessed via root, does not work from the login prompt. Once I log in as root, I can su to myself no problem. It appears to be a problem with the authentication system. Once I can fix it, I won't be logging in as root.

Suggest that you are not using the correct password for the normal user. The last time I struggled with this kind of problem, it was because the password I was trying to set was not long enough or otherwise didn't pass the system's rules. Just a thought.

I strikes me that single user mode might be set for a different keymap than multiuser mode. Try setting the password as something simple. I know on Ubuntu, if you set the root password to blank, it locks the root account.

I've had success booting with an install DVD, running rescue, and changing the the password from a chroot shell.

I finally figured it out. I found that there was a Puppet agent running on the servers and it was undoing my config work. I shut down puppet and edited the root crontab. That fixed the root password mystery. As for logging in to a tty using the account I created, I just added the account to /etc/security/access.conf (which was also maintained by Puppet), plus gave it remote access. Now I don't have to use root :-)

Thanks for your input folks... much appreciated.