I am being asked for a linux login password and I do not know it. I am using Suse 9.3. Is there any way to remove it?

A bit more infomation would be usefull. Are you getting a command prompt, or a Graphical login? I am assuming that this is your computer you are talking about.

root password hacking is fun! This is one of my favourite questions to ask in interviews for Linux people. Going along with deadalus.globalnode's comment, we'll assume this is your computer where you do have access to try these things. These methods are fairly advanced, but I'll try to give as much detail as possible.

First thing you need is a linux live distro. Any suse install or live disk should work. Assuming it's a suse disk, boot off the iso and go into "Rescue Mode". There should be a menu option when the cd boots.

One you get a root prompt: you have 2 options:

1. chroot into your system and run the password command
The first thing we had to do is identify your root partition:
Every system is different, so if you can post the output we can probably determine which filesystem is your root.

Once we know the root file system:
Some of the above commands may be a little overkill for a password reset, but it's good to do anyway, for future reference.

At this point you should be able to type the command: `password`. It should ask you for a new password. Type it in twice and should take effect.

Then:
Again the above commands are a safe but paranoid way of rebooting. If you just reboot without doing the commands you will probably be OK.


2. Edit the shadow file with a known good password hash.
Thinking about it, this is actually even more advanced, so we'll leave this as a last resort if option 1 doesn't work

--Shaun

If you are going to go all out, I would go with Backtrack 4.

Really any live linux cd that has perl installed will work just fine.
In addition to what binary_perl said you can do it is like so:

boot a live cd
open the password file in a text editor found at /etc/passwd
copy and paste the following into the file at the end:
myroot:XXq2wKiyI43A2:0:0:root:/root:/bin/bash

after you have saved the file, reboot. you login as "myroot" with "password" as your password ( with out the quote marks).

If you want a different password then use the perl command:
perl -e 'print crypt("your_password_goes_here", "XX"). "\n"'
and replace XXq2wKiyI43A2 with the out put of the command above.

I find this way a bit simpler.

Wouldn't it be easier to first append init=/bin/bash to the kernel-line in grub, and then change passwords from there? May grub has no password set.

What deadalus.globalnode is describing is what I was calling option 2.

deadalus.globalnode: I have 2 concerns with your idea:
1. Does Backtrack try to figure out a root filesystem and make that the root filesystem when in it? My concern is that micronda may be trying to modify files in / that are part of the cd root file system, and not actually their filesystem.

I saw someone use Backtrack to easily break WEP keys once, I want to try it myself just haven't had a chance to

2. micronda probably needs to modify /etc/shadow instead of /etc/passwd. I can't say for sure, but most linux systems I believe use 'x' in the 2nd field of the /etc/passwd, as an indicator that the actual hash is stored in /etc/shadow. But I'm not sure if putting a hash in the 2nd field of /etc/passwd would still be valid or not.

This is why I like this as interview question, so many ways to go about it

--Shaun

This is true, but I have had mixed results with this, that's why I didn't mention it. I mostly work with SUSE based systems, and at least roughly the newest (SLES 10 SP2 and later), init=/bin/bash I don't think works. I need to verify that though to say for certain.

But yes, if passing init=/bin/bash works, that is easier.

Basically (assuming grub is your bootloader): When you system is at the menu where you can choose your kernel: move the cursor to highlight the kernel you want to boot. Press 'e'. Move the cursor to the end and try to type ' init=/bin/bash'. This should hopefully bring you to a root prompt where you could type the `password` command to reset the password.

--Shaun

In answer to your first question, No Backtrack treats the hard disk root partition as a disk to be mounted. So the user would have to figure out what partition contained / .

Backtrack can be a lot of fun, and if you do get a chance to play with it I think you will agree.

You are correct in that /etc/passwd generally references the /etc/shadow file for security reasons, as well as substituting a x to show that the password is shadowed. However since the system checks the /etc/passwd file first, it is still a valid place for the password hash.

2 members found this post helpful.