LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Reply
  Search this Thread
Old 07-07-2006, 07:56 AM   #1
chomps
LQ Newbie
 
Registered: Apr 2004
Posts: 16

Rep: Reputation: 0
Forgotton root password


I have a Fedora Core 4 server and I connect to it via ssh. I have forgotton the root password and need to update some mail files. Is there any way I can get this password back? I know other passwords to limited users such as myself and usually just su as root afterwards. help please if possible...
 
Old 07-07-2006, 08:21 AM   #2
win32sux
LQ Guru
 
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

Rep: Reputation: 380Reputation: 380Reputation: 380Reputation: 380
Quote:
Originally Posted by chomps
I have a Fedora Core 4 server and I connect to it via ssh. I have forgotton the root password and need to update some mail files. Is there any way I can get this password back? I know other passwords to limited users such as myself and usually just su as root afterwards. help please if possible...
do you have physical access to the box?? if not, you're out of luck...

of course, without physical access, if you don't have the shadow suite installed on the box, you could still try and crack the root password with john the ripper or something... but the shadow suite is installed by default on almost all distros *precisely* for this reason...

Last edited by win32sux; 07-07-2006 at 08:26 AM.
 
Old 07-07-2006, 08:21 AM   #3
zeitounator
Member
 
Registered: Aug 2003
Location: Montpellier, France, Europe, World, Solar System
Distribution: Debian Sarge, Fedora core 5 (i386 and x86_64)
Posts: 262

Rep: Reputation: 30
Boot your machine in single user mode. At the prompt type passwd. Enter your password twice. Type exit and the machine will automatically switch to whatever runlevel is configured in /etc/inittab.
 
Old 07-07-2006, 08:42 AM   #4
chomps
LQ Newbie
 
Registered: Apr 2004
Posts: 16

Original Poster
Rep: Reputation: 0
Unfortunatly I only have SSH access as I am about 1000Km from site at the moment and will be for quite a while. Isn't there an ssh tool like brute force or something that can crack it. I've used so many passwords that I've actually locked myself out. I do have other access but no write permissions
 
Old 07-07-2006, 08:47 AM   #5
win32sux
LQ Guru
 
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

Rep: Reputation: 380Reputation: 380Reputation: 380Reputation: 380
Quote:
Originally Posted by chomps
Unfortunatly I only have SSH access as I am about 1000Km from site at the moment and will be for quite a while. Isn't there an ssh tool like brute force or something that can crack it. I've used so many passwords that I've actually locked myself out.
yes, there are brute force programs available... but i think it would be best to have a moderator jump in here before people start linking warez and the like, as this likely conflicts with the LQ rules...

Quote:
I do have other access but no write permissions
huh?? you have read access to the shadow file??
 
Old 07-07-2006, 06:09 PM   #6
spooon
Senior Member
 
Registered: Aug 2005
Posts: 1,755

Rep: Reputation: 51
Quote:
Originally Posted by chomps
Unfortunatly I only have SSH access as I am about 1000Km from site at the moment and will be for quite a while. Isn't there an ssh tool like brute force or something that can crack it. I've used so many passwords that I've actually locked myself out. I do have other access but no write permissions
* Can't you instruct someone at the site to boot into single-user mode?
* Do any of your users have any sudo privileges?

Otherwise you are out of luck. Consider how bad it would be if limited users without anything else could somehow become root.

Last edited by spooon; 07-07-2006 at 06:12 PM.
 
Old 07-08-2006, 01:02 PM   #7
jtshaw
Senior Member
 
Registered: Nov 2000
Location: Seattle, WA USA
Distribution: Ubuntu @ Home, RHEL @ Work
Posts: 3,892
Blog Entries: 1

Rep: Reputation: 67
I would have somebody who is on site to change the password to something known through single user mode, and then you log in and change again.

Brute force attempts are probably going to just waste your time for hours with no results.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
How could normal user obtain root password or change root password ckamheng Debian 18 02-18-2009 11:28 PM
How to retrieve( or reset) root password in Mandrake Linux, as I forgot my password? Reghunath Linux - Software 4 05-08-2008 05:11 AM
Booting into Single User on MDK 9 asks for root password instead of booting into root acadcworks Linux - General 6 01-10-2006 07:51 AM
Logged in as root, prompted for root password ta0kira Slackware 13 04-25-2005 02:29 AM
MYSQL root password forgotton jon_k Linux - Software 5 07-18-2003 09:09 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 06:40 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration