root pw not recognized

pljvaldez · 02-23-2006, 07:06 PM

Hmmm. I'm really stumped if we already deleted the root password from /etc/passwd and also already deleted the info from /etc/shadow...

My last idea is can you as a user ssh root@localhost?

justanothersteve · 02-23-2006, 07:13 PM

I'm not familiar with Suse, but I had a similar problem on my gentoo webserver. I use a STRONG password (random upper/lower case with numbers) and I forgot where I wrote it down. So I loaded up a live cd, mounted my partitions, chroot from the livecd to my systems, then 'passwd root' Changed my password, unmounted my partitions and rebooted without the cd...voila, new root password worked

Red Knuckles · 02-23-2006, 07:16 PM

Quote:

Originally Posted by pljvaldez

Hmmm. I'm really stumped if we already deleted the root password from /etc/passwd and also already deleted the info from /etc/shadow...

My last idea is can you as a user ssh root@localhost?

xxxxxx@zzzzzz:~> ssh root@localhost
The authenticity of host 'localhost (127.0.0.1)' can't be established.
RSA key fingerprint is 86:82:de:a4:ed:f1:48:af:86:0d:4c:10:17:83:5f:45.
Are you sure you want to continue connecting (yes/no)? y
Please type 'yes' or 'no': yes
Warning: Permanently added 'localhost' (RSA) to the list of known hosts.
Permission denied (publickey,keyboard-interactive).

That's what I got from that. It seems odd to me that when I try to log in as root it responds "incorrect login" as if root isn't recognized. I'd hate to have to reinstall Suse as things have been so great till I mucked it up. I guess to back things up I move bookmarks and addressbook to home folder and CD it w/k3b. Is there any way to back up settings and installed software???

pljvaldez · 02-23-2006, 07:22 PM

So it failed the ssh...

justanothersteve had an idea that might work.

1) boot with your system rescue cd or another live CD
2) mount the drive
3) chroot /mnt/hda2
4) passwd root

If that doesn't work, I'm not sure anything will....

Red Knuckles · 02-23-2006, 08:22 PM

Quote:

Originally Posted by pljvaldez

So it failed the ssh...

justanothersteve had an idea that might work.

1) boot with your system rescue cd or another live CD
2) mount the drive
3) chroot /mnt/hda2
4) passwd root

If that doesn't work, I'm not sure anything will....

Ok, that didn't work. When I try with 'Sys Res CD' and try to run:

mount -t reiserfs /dev/hda2 /mnt/hda2

I get mount point /mnt/hda2 doesn't excisite so I go back to trying to mkdir /mnt/mydir and mounting there and then run chroot /mnt/mydir which lets me change the pw till I login to Suse and no change. I am certain we're are trying to fix the wrong problem. It can't be changing the root PW as Suse doesn't except root as a legitimate login. That's where the problem lies. Unless I'm wrong. I am a newbie.

Red Knuckles · 02-23-2006, 08:23 PM

Quote:

Originally Posted by Red Knuckles

Ok, that didn't work. When I try with 'Sys Res CD' and try to run:

mount -t reiserfs /dev/hda2 /mnt/hda2

I get mount point /mnt/hda2 doesn't excisite so I go back to trying to mkdir /mnt/mydir and mounting there and then run chroot /mnt/mydir which lets me change the pw till I login to Suse and no change. I am certain we're are trying to fix the wrong problem. It can't be changing the root PW as Suse doesn't except root as a legitimate login. That's where the problem lies. Unless I'm wrong. I am a newbie.

I'm probably screwed aren't I.

Red Knuckles · 02-23-2006, 08:44 PM

Quote:

Originally Posted by Red Knuckles

I changed something in Yast2>Security, probably >Local where I set file system access to paranoid. Now when I try to become root in terminal I get:

yyyyyy@tttttt:~> su
Password:
Permissions on the password database may be too restrictive.
su: incorrect password

The password isn't/can't be incorrect as I haven't changed it and it has been in use since I installed Suse last week. Can anyone help me solve this problem???

I like solving problems, this one has been difficult to say the least. Let's go back to the original problem. Maybe there are some keys there. The password wasn't corrupted. The original problem was that a setting was changed that led to this error:

yyyyyy@tttttt:~> su
Password:
Permissions on the password database may be too restrictive.
su: incorrect password

I think that line:

Permissions on the password database may be too restrictive.

Is the key. We just haven't gotten their yet. Or, it is an unrecoverable error. That would disturb me as for newbies this can't be that ucommen.

Red Knuckles · 02-23-2006, 08:48 PM

Quote:

Originally Posted by Red Knuckles

I like solving problems, this one has been difficult to say the least. Let's go back to the original problem. Maybe there are some keys there. The password wasn't corrupted. The original problem was that a setting was changed that led to this error:

yyyyyy@tttttt:~> su
Password:
Permissions on the password database may be too restrictive.
su: incorrect password

I think that line:

Permissions on the password database may be too restrictive.

Is the key. We just haven't gotten their yet. Or, it is an unrecoverable error. That would disturb me as for newbies this can't be that ucommen.

I'm not going to give up yet. Will be back tomorrow if anyone is interested. Bed time for me.

jomen · 02-24-2006, 02:35 AM

...thats quite a long problem...
Though it was said - it really was never checked - because it proved difficult without being root - I mean /etc/shadow.
You can't even look at it as a normal user.
That is why you HAVE to do it from the outside - and because I'm not familiar wiht how the suse-rescue system works I recommend another Live-CD - you mentioned Knoppix - this will do, as will any other.

1) boot with your system rescue cd or another live CD
2) mount the drive
3) chroot /mnt/hda2
4) passwd root

This was the suggested procedure - and I really did not and still do not agree!
Why? If you chroot into the system - you are using all its facilities now - and none (except for the kernel) from the rescue-cd. You have effectively the same situation as when you just booted up the system.
That is why I said: chroot is NOT neccesary to get to these files and edit them - it will make it in fact impossible.
If you cannot do it from the system - you cannot do it from chroot.

Boot Knoppix
CTRL+ALT+1 (does not have to be 1 - any number between 1 and 6 will do) takes you to a console (just a command-line)
where you already are logged in as root
Is /dev/hda2 your partition? which filesystem is it? Lets find out.
type cfdisk - and you see the partitions on that disk along with the filesystem-type
"q" (without the qoutes) ends the program and gets you back where you were
type mount - to see if the partition is already mounted - if it is - unmount it (because we need to be sure it is mounted readable and writable)
umount /mnt/_mountpoint_ (substitute this for the real one...)

make a mount-point e.g. mkdir /mnt/suse
then mount the partiton: mount -t reiserfs /dev/hda2 /mnt/suse
(replace the filesystem-type with the real one - this is an assumption - but suse uses reiserfs as the standard...)
Then you can make it easy on you - use mc to navigate and edit - you will figure it out - F4 on a file opens an editor with that file loaded - its easier than vi ...

Code:

cd /mnt/suse
mc

go to /etc and look into the files: passwd shadow securetty
passwd has an x for the password between the first two columns - take it out - there need to be two columns with no space or other caracter between them after the user name root
shadow has the encrypted password there - take it out - the same as above
look into: securetty

NOW there IS NO password anymore - and now you can do: chroot /mnt/suse /bin/bash
and then: passwd root
and set a new one
if it does not work - if it still asks you for a password in order to change it and/or does not accept an empty one - I can't think of anything more.
If it worked: exit
and shutdown knoppix...

Red Knuckles · 02-24-2006, 12:43 PM

Quote:

Originally Posted by jomen

...thats quite a long problem...
Though it was said - it really was never checked - because it proved difficult without being root - I mean /etc/shadow.
You can't even look at it as a normal user.
That is why you HAVE to do it from the outside - and because I'm not familiar with how the suse-rescue system works I recommend another Live-CD - you mentioned Knoppix - this will do, as will any other.

1) boot with your system rescue cd or another live CD
2) mount the drive
3) chroot /mnt/hda2
4) passwd root

This was the suggested procedure - and I really did not and still do not agree!
Why? If you chroot into the system - you are using all its facilities now - and none (except for the kernel) from the rescue-cd. You have effectively the same situation as when you just booted up the system.
That is why I said: chroot is NOT necessary to get to these files and edit them - it will make it in fact impossible.
If you cannot do it from the system - you cannot do it from chroot.

Boot Knoppix
CTRL+ALT+1 (does not have to be 1 - any number between 1 and 6 will do) takes you to a console (just a command-line)
where you already are logged in as root
Is /dev/hda2 your partition? which filesystem is it? Lets find out.
type cfdisk - and you see the partitions on that disk along with the filesystem-type
"q" (without the qoutes) ends the program and gets you back where you were
type mount - to see if the partition is already mounted - if it is - unmount it (because we need to be sure it is mounted readable and writable)
umount /mnt/_mountpoint_ (substitute this for the real one...)

make a mount-point e.g. mkdir /mnt/suse
then mount the partition: mount -t reiserfs /dev/hda2 /mnt/suse
(replace the filesystem-type with the real one - this is an assumption - but suse uses reiserfs as the standard...)
Then you can make it easy on you - use mc to navigate and edit - you will figure it out - F4 on a file opens an editor with that file loaded - its easier than vi ...

Code:

cd /mnt/suse
mc

go to /etc and look into the files: passwd shadow securetty
passwd has an x for the password between the first two columns - take it out - there need to be two columns with no space or other character between them after the user name root
shadow has the encrypted password there - take it out - the same as above
look into: securetty

NOW there IS NO password anymore - and now you can do: chroot /mnt/suse /bin/bash
and then: passwd root
and set a new one
if it does not work - if it still asks you for a password in order to change it and/or does not accept an empty one - I can't think of anything more.
If it worked: exit
and shutdown knoppix...

I did exactly as you suggested. BUT I'm still getting the same error messages in Suse. I did get exposed to midnight commander though. What a neat tool for problems like this. In terminal I still get:

cccccc@vvvvvv:~> su -
su: incorrect password

Note that it does not ask for my PW it just immediately says incorrect PW. Could it be that somewhere in this long voyage I have created unnecessary/duplicate files???

Red Knuckles · 02-24-2006, 01:58 PM

I went back with the Knoppix disk and mc and looked. I had 4 passwd files and 3 shadow files:
passwd
passwd.YaST2save
passwd.old
passwd.bak

shadow
shadow.YaST2save
shadow.old

I deleted files 'passwd.old', 'passed.bak', and 'shadow.old'. I know that 'passwd.bak' was a backup file created by me and the '.old' files were redundant. I then checked the remaining 4 files to be sure they were edited the same. ie. in the 2 passwd files remove x only not the : [columns] and shadow removing all values and leaving the 8 columns [:] I found. Still getting the same error messages though. I wondering if the '.YaST2save files should be there. I won't remove them unless I hear from someone. I believe I now have NO password. I still get the:

ssssss@dddddd:~> su -
su: incorrect password

error. How can I have an incorrect pw if I have NO pw??? How does the system determine "incorrect pw" if it doesn't even ask for a pw??? This is just terrible.

jomen · 02-24-2006, 02:21 PM

So you used Knoppix?
Looked into these files? (passwd shadow ...)
Did you have to change anything or where the password fields already empty?
Did you - after that - do: chroot - to set the password again?
Was there any error at this point?

I just dicovered a mistake I made throughout the last posts - the keys to press to get to a console are NOT CTRL+ALT+1 but really CTRL+ALT+F1 through CTRL+ALT+F6 - sorry!

In your suse system - it boots and shows the login-screen...can you FROM THERE change to a console (CTRL+ALT+F1)
(there you see the system name and possibly the number of the tty - it depends...there you give the username first and then the password)
If yes: can you login?
type: root
it asks for password - you give it - and then you are logged in
What happens if you do that - anything? where/when?

jomen · 02-24-2006, 03:33 PM

as for these files - you do not have to delete them - but if you think they cause trouble - just rename them - this way they are not regognized by yast and you still have them and can go back...
passwd.YaST2save
shadow.YaST2save
mv passwd.YaST2save YaST2save.passwd
mv shadow.YaST2save YaST2save.shadow

Red Knuckles · 02-24-2006, 03:45 PM

Quote:

Originally Posted by jomen

So you used Knoppix?
Looked into these files? (passwd shadow ...)
Did you have to change anything or where the password fields already empty?
Did you - after that - do: chroot - to set the password again?
Was there any error at this point?

I just discovered a mistake I made throughout the last posts - the keys to press to get to a console are NOT CTRL+ALT+1 but really CTRL+ALT+F1 through CTRL+ALT+F6 - sorry!

In your suse system - it boots and shows the login-screen...can you FROM THERE change to a console (CTRL+ALT+F1)
(there you see the system name and possibly the number of the tty - it depends...there you give the username first and then the password)
If yes: can you login?
type: root
it asks for password - you give it - and then you are logged in
What happens if you do that - anything? where/when?

First the CTRL+ALT+1-6 WAS confusing me as it didn't do anything. So I have been using console in Knoppix logged in as 'root@tty1' thinking this was where I needed to be. To answer questions in order:

Yes I used Knoppix although it is painfully slow for me.
Yes I looked into files /etc/passwd and /etc/shadow.
I did not have to change any thing in /etc/passwd. I did have to delete values in /etc/shadow.
I DID NOT [the last time] chroot /mnt/suse and set new password. That means I should have NO root password currently.
I have done these same steps before when I DID chroot /mnt/suse and set new root password. It made no difference when I logged into suse. I get same error messages either way.
From the Suse login screen I can get to console by '>sessions>console login' or 'CTRL+ALT_F-1'. It says:

Suse blah blah blah
machinename login:

If I try to login in as root OR regular user it responds:

Incorrect Login

WITHOUT ASKING FOR PASSWORD. This is true whether I reset password in Knoppix [in root@tty1 using chroot] or if I DO NOT reset password in Knoppix [thereby hoping to login in to Suse as root without password]. I get same results either way.

NOW when I boot into Knoppix and CTRL+ALT+F-1 I get screen that is console with:
root@tty1:

When I get to the point where I want to run:

Mount -t reiserfs /dev/hda2 /mnt/suse

It responds:

mount: fs reiserfs not supported by kernel

I have a feeling this is the console I needed to be in all along. The fact that reiserfs fs are not supported is not good news. Could this be done with System Rescue CD?

pljvaldez · 02-24-2006, 03:48 PM

It should be the same. I think System Rescue CD is just a gentoo based live CD instead of a Debian based live CD.