Hi, common question.
forgot root password?

Followed acid_kewpie advice and ran a search through the forum before asking question. But i need a little more help.

OK what I have found out...
1. Boot, in GRUB press ctrl x
2. then select single user mode.
3. login as root (no pwd required)
4. type passwd, and re-set password.
5. is that correct? seems to easy!
by the way, its RH 7.2 does that make a difference?!!!

for interest... anyone know of another way?

thanks,
medamnit

hehe, well done... yeah that's the perfect way to do it if you're on lilo you'd do practiaclly the same thing, running "linux single" or "linux init 1"

have a donut!

another way is to never forget the root password

sorry, but i don't like when people forget their own passwords, i deal with that crap everyday and it bugs me to think people set a password and don't remember it..
its a whole other story when you take the place of a admin who has left and he didn't leave the password for you to begin with.

oh well, that's my rant for the day..

Well, actually medamnit, there is such thing as a secure system if your pc can be physically be reached by someone. Even if you too grub off and simply booted directly into Linux, and you couldn't do the little control-x trick, there are still other ways of doing it.

Yeah acid!, some delicious crispy DONUT!!!!!!!!!!!!!!!!!!!

zLinuxz

zLinuxz... what other ways do you know?

I actually haven't forgotten MY passwd, cousin pulled out his old linux machine and wanted to start using it. I just wanted to be the man of help thanks too you guys I should be able to help him out.

Thank you,

medamnit

Medamnit, I haven't done it myself, or seen either what other way there is to access some linux box and gain root priviliges. I'm sure if you got a floppy drive, you can do something to boot into single mode user if lilo or grub are disabled. But, I wouldnt know exactly what to do,
Alrighty!, you're your cousins Hero, :P


zLinuxz

this is bloody shocking! on a secure OS you should not be able to log in as root, unless you know the root password!!! this is as bad as that screensaver exploit to logon as root in WinNT!

Hi,
i followed my steps i listed above but problem.

when entering ctrl x at GRUB.
no option was avaiable for single user mode
it came up with 'e' or 'c'.

anyone got the similar setup and could check this out?

thanks
medamnit

yup, i tried it (well, not the grub method, i do know my root password) typing passwd at the Single user prompt DOES NOT require the original password, but then again you DO have to be sitting physically in front of the target box for it to work (single user mode only works directly on the box unless perhaps configured otherwise, and i doubt very much that anyone would set that up too insecurely, and in most cases (other than the case of your own machine) that box is going to be either in a locked closet (or room), or somewhere that doesn't allow such physical access to the target machine, along with any terminals that have single user access. In short, nobody get any ideas as how to hack into that linux box you've been thinking about hitting with this new information

no it's not. are you seriously suggesting that if a server for a company goes down for example, and somehow the password for root becomes corrupted, or maybe someone changed it maliciously, there sghould be NO way to get that server working again? reformat the thing???? Lilo and Grub both have numerous security option that can require additional passwords in order to boot the system into a non predefined state, i.e. single user mode.

it's not an exploit. don't be daft.

if you say so, but security is only as secure as the weakest link in the chain. A company, as you say, would probably have all that stuff configured in a secure fashion. Many home users may not know how to, or even that the capability exists to either login as root without the password, or to stop someone from doing so.
Anything that can be exploited is an exploit.

Well how far do you want to go to secure your computer as a home user? Someone needs to have physical access to your computer to change the root password in that way.
I'm sure any creative person who has physical access to your computer can find many ways to break it. A hamer should do a bit of damage. Do you also consider that as a weak link in the chain?

not really, actually linux is very secure, for a lot of reasons, and i think that it's fine the way it is, but there's always room for improvement.

The winNT exploit i mention also requires physical access, but unlike linux (and this is the important bit) there is no way to configure winNT so that the exploit won't work, because M$ has not released a patch for it, and it's a closed source system.

So, actually, no i think it's fine so long as everybody does as they're supposed to, but the more backdoors get left open, by undereducated companies for example, the more people are going to use those backdoors. and so on.

I don't know much about it and i'm not up for an argument, i'm just saying an exploit is an exploit, if it ends up getting exploited by somebody...

if you are going to suggest that say, the su command is an explot, and logically say... rm is an exploit.. then yes it is an exploit.. but if rm isn't one, then neither is the ability to boot to single user mode.

I've got a SuSE Linux box but don't know the root password.

I've tried the following, but it doesn't work as it still asks for a root password.

Any ideas??

>>>>>
I' tried....

1. At LILO prompt: linux single
2. The machine then boots into Single User mode, but then instead of getting a # prompt, it asks for the Root password - which is not 'blank', as I've tried that.

I've also tried booting from a floppy boot disk, but I get the same, as if whilst booting, it detects the hard disk, and reads those root password files.

<<<<<<<

thanks in advance for any help!!