FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > CentOS > CentOS

 
 
LinkBack Thread Tools
 
Old 02-03-2011, 06:55 PM
 
Default Lost root access

Rafa Grimán wrote:
> On Thursday 03 February 2011 14:59 Giles Coochey wrote
>> On 03/02/2011 14:40, Rafa Griman wrote:
>> > On Wed, Feb 2, 2011 at 3:44 PM, James Bensley<jwbensley@gmail.com>
>> wrote:
>> >> So on a virtual server the root password was no longer working (as in
>> >> I couldn't ssh in anymore). Only I and one other know it and neither
>> >> of us have changed it. No other account had the correct privileges to
>> >> correct this so I'm wondering, if I had mounted that vdi as a
>> >> secondary device on another VM, browsed the file system and delete
>> >> /etc/shadow would this have wiped all users passwords meaning I could
>> >> regain access again?
>> >>
<snip>
>> That would do it... There is single-user-mode (runlevel 1), just add the
>> word single to the kernel parameters line before bootup
>
> Yes, but S|Single|1 asks for root password to login ... And he doesn't
> have the root password

Boot from a rescue CD/DVD, then chroot and use passwd.

mark

_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 
Old 02-03-2011, 07:14 PM
Rafa Grimn
 
Default Lost root access

Hey !!!

On Thursday 03 February 2011 20:42 Robert Heller wrote
> At Thu, 3 Feb 2011 20:12:17 +0100 CentOS mailing list <centos@centos.org>
wrote:
> > Hi
> >
> > On Thursday 03 February 2011 14:59 Giles Coochey wrote
> >
> > > On 03/02/2011 14:40, Rafa Griman wrote:
> > > > Hi
> > > >
> > > > On Wed, Feb 2, 2011 at 3:44 PM, James Bensley<jwbensley@gmail.com>
wrote:
> > > >> So on a virtual server the root password was no longer working (as
> > > >> in I couldn't ssh in anymore). Only I and one other know it and
> > > >> neither of us have changed it. No other account had the correct
> > > >> privileges to correct this so I'm wondering, if I had mounted that
> > > >> vdi as a secondary device on another VM, browsed the file system
> > > >> and delete /etc/shadow would this have wiped all users passwords
> > > >> meaning I could regain access again?
> > > >>
> > > >> (This is past tense because its sorted now but I'm curious if this
> > > >> would have worked? And if not, what could I have done?).
> > > >
> > > > As the other said: DON'T delete /etc/shadow.
> > > >
> > > > Someone also mentioned you could modify the hash in /etc/shadow. This
> > > > will work if you are root or have the right permissions with sudo.
> > > >
> > > > If you can reboot the system, what really works great is passing the
> > > > following option to the kernel on the lilo/grub screen when the
> > > > system
> > > >
> > > > boots:
> > > > init=/bin/bash
> > > >
> > > > This will give you a shell without being asked for a password (unless
> > > > the sys admin has done his homework Now that you have shell access
> > > >
> > > > ... you are in charge so you can:
> > > > - mount the / partition and chroot
> > > >
> > > > - edit /etc/shadow and delete the password hash
> > > >
> > > > - whatever you can imagine ... you decide
> > >
> > > That would do it... There is single-user-mode (runlevel 1), just add
> > > the word single to the kernel parameters line before bootup
> > >
> > > It will give you the same result and mount stuff without the need to
> > > chroot etc...
> >
> > Yes, but S|Single|1 asks for root password to login ... And he doesn't
> > have the root password
>
> RedHat / RHEL / CentOS does not do that!


True, just tried it with RHEL 6 and CentOS 5.3. Well it should ask for a
passwd ... at least IMHO.

Then again ... an admin should configure grub/lilo to ask for a password if you
pass parameters to the kernel during boot time


> At least never on any of my
> machines -- is there some config option for that? Yes, for manual fchk
> it does, but not otherwise.


I'll check, but no idea.

Rafa

--
"We cannot treat computers as Humans. Computers need love."

Happily using KDE 4.5.5
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 
Old 02-03-2011, 07:23 PM
Always Learning
 
Default Lost root access

On Thu, 2011-02-03 at 14:42 -0500, Robert Heller wrote:

> At Thu, 3 Feb 2011 20:12:17 +0100 CentOS mailing list
> <centos@centos.org> wrote:
> >
> > Yes, but S|Single|1 asks for root password to login ...
> > And he doesn't have the root password


> RedHat / RHEL / CentOS does not do that! At least never on any of my
> machines --

Agreed. Adding 'single' to the kernel boot line boots up in run level 1
and no password is required.

My system is 2.6.18-194.32.1.el5 #1 SMP Wed Jan 5 17:52:25 EST 2011
x86_64 x86_64 x86_64 GNU/Linux


--

With best regards,

Paul.
England,
EU.


_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 
Old 02-03-2011, 08:10 PM
Tom H
 
Default Lost root access

On Thu, Feb 3, 2011 at 3:14 PM, Rafa Grimn <rafagriman@gmail.com> wrote:
> On Thursday 03 February 2011 20:42 Robert Heller wrote
>> At Thu, 3 Feb 2011 20:12:17 +0100 CentOS mailing list <centos@centos.org>
> wrote:
>> > Hi
>> >
>> > On Thursday 03 February 2011 14:59 Giles Coochey wrote
>> >
>> > > On 03/02/2011 14:40, Rafa Griman wrote:
>> > > > Hi
>> > > >
>> > > > On Wed, Feb 2, 2011 at 3:44 PM, James Bensley<jwbensley@gmail.com>
> wrote:
>> > > >> So on a virtual server the root password was no longer working (as
>> > > >> in I couldn't ssh in anymore). Only I and one other know it and
>> > > >> neither of us have changed it. No other account had the correct
>> > > >> privileges to correct this so I'm wondering, if I had mounted that
>> > > >> vdi as a secondary device on another VM, browsed the file system
>> > > >> and delete /etc/shadow would this have wiped all users passwords
>> > > >> meaning I could regain access again?
>> > > >>
>> > > >> (This is past tense because its sorted now but I'm curious if this
>> > > >> would have worked? And if not, what could I have done?).
>> > > >
>> > > > As the other said: DON'T delete /etc/shadow.
>> > > >
>> > > > Someone also mentioned you could modify the hash in /etc/shadow. This
>> > > > will work if you are root or have the right permissions with sudo.
>> > > >
>> > > > If you can reboot the system, what really works great is passing the
>> > > > following option to the kernel on the lilo/grub screen when the
>> > > > system
>> > > >
>> > > > boots:
>> > > > * * * init=/bin/bash
>> > > >
>> > > > This will give you a shell without being asked for a password (unless
>> > > > the sys admin has done his homework Now that you have shell access
>> > > >
>> > > > ... you are in charge so you can:
>> > > > * * * - mount the / partition and chroot
>> > > >
>> > > > * * * - edit /etc/shadow and delete the password hash
>> > > >
>> > > > * * * - whatever you can imagine ... you decide
>> > >
>> > > That would do it... There is single-user-mode (runlevel 1), just add
>> > > the word single to the kernel parameters line before bootup
>> > >
>> > > It will give you the same result and mount stuff without the need to
>> > > chroot etc...
>> >
>> > Yes, but S|Single|1 asks for root password to login ... And he doesn't
>> > have the root password
>>
>> RedHat / RHEL / CentOS does not do that!
>
>
> True, just tried it with RHEL 6 and CentOS 5.3. Well it should ask for a
> passwd ... at least IMHO.
>
> Then again ... an admin should configure grub/lilo to ask for a password if you
> pass parameters to the kernel during boot time
>
>
>> At least never on any of my
>> machines -- is there some config option for that? *Yes, for manual fchk
>> it does, but not otherwise.
>
>
> I'll check, but no idea.

In CentOS 5, use "~~:S:wait:/sbin/sulogin" in "/etc/inittab" to enter
runlevel S with a password.

In CentOS 6, use "SINGLE=/sbin/sushell" in "/etc/sysconfig/init" to
enter runlevel S without a password (default) and
"SINGLE=/sbin/sulogin" in "/etc/sysconfig/init" to enter runlevel S
with a password.
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 
Old 02-04-2011, 12:10 AM
Leonard den Ottolander
 
Default Lost root access

Hi James,

On Wed, 2011-02-02 at 14:44 +0000, James Bensley wrote:
> So on a virtual server the root password was no longer working (as in
> I couldn't ssh in anymore).

Any chance PermitRootLogin is set to "no" in /etc/ssh/sshd_config?

Regards,
Leonard.

--
mount -t life -o ro /dev/dna /genetic/research


_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 

Thread Tools




All times are GMT. The time now is 02:03 AM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org