LinuxQuestions.org
Download your favorite Linux distribution at LQ ISO.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Reply
  Search this Thread
Old 01-07-2007, 10:54 AM   #1
sgarci
LQ Newbie
 
Registered: Mar 2006
Posts: 25

Rep: Reputation: 15
Can't logon to Linux after manually modifying /etc/passwd file


Dear all,

I manually added an entry to /etc/passwd file but can no longer login to the system through telnet.

Is there any other alternative to login to the Linux machine remotely.

Your help is very much appreciated.

Many thanks in advance
 
Old 01-07-2007, 11:19 AM   #2
digen
Member
 
Registered: Dec 2005
Location: India
Distribution: Ubuntu Feisty Fawn
Posts: 107

Rep: Reputation: 15
Telnet is not secure as password is sent in clear-text.

You're better off with SSH, install the Openssh server or if it's already installed start the ssh server:

/etc/init.d/sshd start

You can connect from the client as given below:

ssh username@192.168.0.10

username is the user you want to login as into the remote system.
192.168.0.10 : IP address of the remote system, change yours accordingly.
 
Old 01-07-2007, 11:33 AM   #3
DaaNMaGeDDoN
LQ Newbie
 
Registered: Dec 2006
Distribution: Slackware
Posts: 7

Rep: Reputation: 0
digen is right about telnet, but it seems you have edited a line in /etc/passwd, first we need to know: can you log in at all? (remote through ssh or local on the terminal).
I dont see why you couldnt login through telnet, but can through ssh. They use the same file (/etc/passwd).
Maybe you accidentally removed a ':', resulting in perhaps an empty password (try that).
Remember: /etc/passwd format: Name:Password: UserID:PrincipleGroup:Gecos: HomeDirectory:Shell
Where nowadays we use 'shadowed' passwords, the 'Password' field would read 'x', for better security.
These days we dont see clear text passwords anymore in the /etc/passwd, as we should. Try the UserID as the password (for root that is '0').
If nothing helps my best bet is a boot from boot-root floppies, mount the root on a temporary mount and edit the /mountpoint/etc/passwd to make it work again.
Good luck!
 
Old 01-07-2007, 11:37 AM   #4
sgarci
LQ Newbie
 
Registered: Mar 2006
Posts: 25

Original Poster
Rep: Reputation: 15
Hi there,

If I could access the server I would have installed SSH and followed your instructions but unfortunately I can't.
Please note that no one can access the server anymore. The /etc/passwd file is now locked. Is there any clear way to unlock this file?

Thanks
 
Old 01-07-2007, 11:58 AM   #5
digen
Member
 
Registered: Dec 2005
Location: India
Distribution: Ubuntu Feisty Fawn
Posts: 107

Rep: Reputation: 15
Boot the server in single user mode and get back to us with the change that you made in /etc/passwd.

If you need more information about single user mode you can search the forums and you should find plenty of threads.
 
Old 01-07-2007, 12:45 PM   #6
sgarci
LQ Newbie
 
Registered: Mar 2006
Posts: 25

Original Poster
Rep: Reputation: 15
Hi there,

I've added the following line to the /etc/passwd file

:0:0::

What I've effectively done is to try to create a root user with a null username and password of '0'.

Thanks
 
Old 01-07-2007, 01:16 PM   #7
frob23
Senior Member
 
Registered: Jan 2004
Location: Roughly 29.467N / 81.206W
Distribution: OpenBSD, Debian, FreeBSD
Posts: 1,450

Rep: Reputation: 48
You're going to have to take that machine down to single user mode and remove that line.

1) you don't have the correct number of fields
2) you've put 0 where the passwd should be
3) usernames can't be NULL

And so on... but no one can login until you remove that entry because you've hosed /etc/passwd.

I hope you have physical access to the machine or the phone number/email of someone who does. And if the latter case is true, blame it on vi... don't tell them you did it intentionally.
 
Old 01-08-2007, 04:45 AM   #8
sgarci
LQ Newbie
 
Registered: Mar 2006
Posts: 25

Original Poster
Rep: Reputation: 15
Corrupt /etc/passwd file

Hi There,

I am gonna try your method. It feels right.
I'll let you know of the result.

Thanks frob23.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Swat uses PAM but changes linux passwd not samba passwd Peter@KKVS Linux - Networking 0 11-26-2006 04:20 AM
modifying a deb file? muddywaters Debian 2 10-09-2006 01:45 PM
Samba PDC. Change passwd on logon? nathacof Linux - Enterprise 3 05-02-2006 08:44 AM
Can't login after modifying /etc/passwd loadedmind Solaris / OpenSolaris 4 01-18-2006 11:11 PM
Is it safe to manually change the /etc/passwd file? stefaandk Linux - Newbie 2 06-29-2005 11:10 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 10:04 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration