Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here. |
Notices |
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
Are you new to LinuxQuestions.org? Visit the following links:
Site Howto |
Site FAQ |
Sitemap |
Register Now
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
|
|
01-07-2007, 10:54 AM
|
#1
|
LQ Newbie
Registered: Mar 2006
Posts: 25
Rep:
|
Can't logon to Linux after manually modifying /etc/passwd file
Dear all,
I manually added an entry to /etc/passwd file but can no longer login to the system through telnet.
Is there any other alternative to login to the Linux machine remotely.
Your help is very much appreciated.
Many thanks in advance
|
|
|
01-07-2007, 11:19 AM
|
#2
|
Member
Registered: Dec 2005
Location: India
Distribution: Ubuntu Feisty Fawn
Posts: 107
Rep:
|
Telnet is not secure as password is sent in clear-text.
You're better off with SSH, install the Openssh server or if it's already installed start the ssh server:
/etc/init.d/sshd start
You can connect from the client as given below:
ssh username@192.168.0.10
username is the user you want to login as into the remote system.
192.168.0.10 : IP address of the remote system, change yours accordingly.
|
|
|
01-07-2007, 11:33 AM
|
#3
|
LQ Newbie
Registered: Dec 2006
Distribution: Slackware
Posts: 7
Rep:
|
digen is right about telnet, but it seems you have edited a line in /etc/passwd, first we need to know: can you log in at all? (remote through ssh or local on the terminal).
I dont see why you couldnt login through telnet, but can through ssh. They use the same file (/etc/passwd).
Maybe you accidentally removed a ':', resulting in perhaps an empty password (try that).
Remember: /etc/passwd format: Name:Password: UserID:PrincipleGroup:Gecos: HomeDirectory:Shell
Where nowadays we use 'shadowed' passwords, the 'Password' field would read 'x', for better security.
These days we dont see clear text passwords anymore in the /etc/passwd, as we should. Try the UserID as the password (for root that is '0').
If nothing helps my best bet is a boot from boot-root floppies, mount the root on a temporary mount and edit the /mountpoint/etc/passwd to make it work again.
Good luck!
|
|
|
01-07-2007, 11:37 AM
|
#4
|
LQ Newbie
Registered: Mar 2006
Posts: 25
Original Poster
Rep:
|
Hi there,
If I could access the server I would have installed SSH and followed your instructions but unfortunately I can't.
Please note that no one can access the server anymore. The /etc/passwd file is now locked. Is there any clear way to unlock this file?
Thanks
|
|
|
01-07-2007, 11:58 AM
|
#5
|
Member
Registered: Dec 2005
Location: India
Distribution: Ubuntu Feisty Fawn
Posts: 107
Rep:
|
Boot the server in single user mode and get back to us with the change that you made in /etc/passwd.
If you need more information about single user mode you can search the forums and you should find plenty of threads.
|
|
|
01-07-2007, 12:45 PM
|
#6
|
LQ Newbie
Registered: Mar 2006
Posts: 25
Original Poster
Rep:
|
Hi there,
I've added the following line to the /etc/passwd file
:0:0::
What I've effectively done is to try to create a root user with a null username and password of '0'.
Thanks
|
|
|
01-07-2007, 01:16 PM
|
#7
|
Senior Member
Registered: Jan 2004
Location: Roughly 29.467N / 81.206W
Distribution: OpenBSD, Debian, FreeBSD
Posts: 1,450
Rep:
|
You're going to have to take that machine down to single user mode and remove that line.
1) you don't have the correct number of fields
2) you've put 0 where the passwd should be
3) usernames can't be NULL
And so on... but no one can login until you remove that entry because you've hosed /etc/passwd.
I hope you have physical access to the machine or the phone number/email of someone who does. And if the latter case is true, blame it on vi... don't tell them you did it intentionally.
|
|
|
01-08-2007, 04:45 AM
|
#8
|
LQ Newbie
Registered: Mar 2006
Posts: 25
Original Poster
Rep:
|
Corrupt /etc/passwd file
Hi There,
I am gonna try your method. It feels right.
I'll let you know of the result.
Thanks frob23.
|
|
|
All times are GMT -5. The time now is 10:04 AM.
|
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
|
Latest Threads
LQ News
|
|