Re: Password

sk8r-365 wrote:
Trygve Roaldset made a definite or systematic statement of:
My dougther bougt this small laptop with Linux. She forgot her password.
How it is possible to enter this computer again?

T.R.


T.R., Typical of a Windows user, you have provided almost no usable
information. I ran a quick search on Ask with the phrase "linux lost
password" which yielded 951,800 hits. Here's information from one page
(modify instructions to your needs):

Lost Root Password (Linux)

Have you ever forgotten your root password? I have a very good memory. I
remember most of my client's passwords (there are a few I forget
regularly for no reason that I can understand, but I really do know
most), I remember telephone numbers, and of course I know my own
passwords. That last isn't as easy as it might sound, because I have
quite a few different systems and each has its own password, but though
I might use the wrong one now and then, I'll get it on the second or
third try.

Well, not this time. A while back I installed Fedora on a system here,
and today I wanted to look at something and .. what was the root
password? Hmm, not that.. how about? .. nope, well it must be.. darn!

I had no idea. Fortunately, it wasn't a boot password, so I did have
access to the system. Without that, I would have had to dig up the CD's
(who knows where they are) and do a recovery that way, or download
something from Tom's Root and Boot Site. I had access to the Grub
loader, so I had it easy.

If you've lost your root password, you might be able to recover it this
way. However, some systems are protected with boot loader passwords that
won't let you do that without THAT password. If the boot loader is
password protected, you need to boot from other media - for newer
systems, the install CD probably has the recovery tools for that ("linux
rescue" for example).

But let's try it the easy way first. The first thing to try is to boot
to single user mode. This MIGHT not work for you, because your system
might be configured to still ask for a root password to get to single
user mode. If that's the case, we'll use another trick that replaces
init with /bin/bash.

First, try single user. If you don't see either a LILO or GRUB boot
screen, try hitting CTRL-X to get one. If it's LILO, just type "linux
single" and that should do it (assuming that "linux" is the lilo label).
If GRUB, hit 'e", then select the "kernel" line, hit "e" again, and add
" single" (or just " 1") to the end of the line. Press ENTER, and then
"b" to boot. (More modern grub uses "a" to append to the boot line)

You should get a fairly normal looking boot sequence except that it
terminates a little early at a bash prompt. If you get a "Give root
password for system maintenance", this isn't going to work, so see the
"init" version below.

If you do get the prompt, the / filesystem may not be mounted rw
(although "mount" may say it is). Do

mount -o remount,rw /

If that doesn't work (it might not), just type "mount" to find out where
"/" is mounted. Let's say it is on /dev/sda2. You'd then type:

mount -o remount,rw /dev/sda2

If you can do this, just type "passwd" once you are in and change it to
whatever you like. Or just edit /etc/shadow to remove the password
field: move to just beyond the first ":" and remove everything up to the
next ":". With vi, that would be "/:" to move to the first ":", space
bar once, then "d/:" and ENTER. You'll get a warning about changing a
read-only file; that's normal. Before you do this, /etc/shadow might
look like:

root:$1$8NFmV6tr$rT.INHxDBWn1VvU5gjGzi/:12209:0:99999:7:-1:-1:1074970543
bin:*:12187:0:99999:7::: daemon:*:12187:0:99999:7:::
adm:*:12187:0:99999:7:::

and after, the first few lines should be:

root::12209:0:99999:7:-1:-1:1074970543 bin:*:12187:0:99999:7:::
daemon:*:12187:0:99999:7::: adm:*:12187:0:99999:7:::

You'll need to force the write: with vi, ":wq!". (If that still doesn't
work, you needed to do the -o remount,rw, see above).

Another trick is to add "init=/bin/bash" (LILO "linux init=/bin/bash" or
add it to the Grub "kernel" line). This will dump you to a bash prompt
much earlier than single user mode, and a lot less has been initialized,
mounted, etc. You'll definitely need the "-o remount,rw" here. Also note
that other filesystems aren't mounted at all, so you may need to mount
them manually if you need them. Look in /etc/fstab for the device names.

Keep this in mind if you have a Linux machine in a publically accessible
place : without more protection, it's not usually hard to recover a lost
root password, which means it's just as easy for someone to CHANGE it,
or access root without your knowlege.

Another way to do this is to remove the password from /etc/shadow. Just
in case you screw up, I'd copy it somewhere safe first. You want to end
up with the root line looking something like this:

# original line
root:$1$EYBTVZHP$QtjkCG768giXzPvW4HqB5/:12832:0:99999:7::: # after
editing root::12832:0:99999:7:::

If you are having trouble with editing (you really do have to learn vi
one of these days), you could just (after making a copy, of course) just

echo "root::12832:0:::::" > /mnt/etc/shadow or, if you were in single
user mode echo "root::12832:0:::::" > /etc/shadow

and then fix things up when rebooted.

If using something like "linux rescue" or other boot media, if the
recovery disk doesn't automatically mount your disk, you need to do it
manually. This shouldn't be difficult unless you have an unusual disk
controller. For example, a Compaq raid controller will probably be
/dev/ida/c0d0. Find the partitions by using fdisk /dev/ida/c0d0 (just
"p" and quit) and then mount what you need.

If all else fails, consider that you can pull this drive (or install
another drive in this machine) and mount it from another running Linux.
Then recover the root password as explained above.

and from another web site

11. Lost Password! What if one day you sat down to your computer, and
couldn't remember your user password? It could happen. Senior
moments, blonde moments, Mom's-heimers -- call it what you will --
but every so often the humans among us lose random bits of data.
And, because it's bad security (or rather no security) to write down
your passwords, here's how you can login despite the forgotten
password.

IMPORTANT: The tips in this document require the use command-line
commands. For more information about how to read and execute Linux
command-line prompts and commands, please check the Linux Clues' Linux
Cheat ***, especially Linux Prompt Basics and Linux Command-Line
Nomenclature.

Lost User Password So you forgot your user password, eh? The following
steps assume you've forgotten your user password but remember your root
password. If you don't remember your root password, skip down to that
section.

Start by logging in as root. (If you're not sure how to do that, read
Logging in and out as Root on LinuxClues.com.) Next, open a terminal or
console and type the three lines that follow. (Remember, don't type the
pound symbol, that shows you're logged in as root.)

# passwd {type your username here without the curly brackets} Type in a
new password (Ignore the error message you'll probably get.) Type in
the new password again.

Log out as root and back in as user with your new password.

Of course, this fix assumes you remember your root password. What do you
do if you forget your root password? Not possible? Ok, just imagine you
disappear on a fantastic vacation, sans PC. (It COULD happen.) Let's say
you spend a glorious two weeks of baking your brains in the sun, or
hiking up the sides of mountains viewing stunning vistas. Day after day
after day. Then after 14 days of this you head back home, where you
power up the PC, go to login and have brain fade trying to remember your
root password. What should you do? Well, we'll show you.

Lost Root Password IMPORTANT: Physically disconnect your PC from the
network and the Internet -- pull the Ethernet cable out, eject the
wireless card, whatever. Just make sure you're offline. This is to
protect your PC from possible Internet-borne attack while you're
repairing the password. Please heed this warning and follow this safety
procedure. Linux is vulnerable during these steps.

Follow this two-step process. Because the first step varies from distro
to distro, we're presenting several alternatives, including an advanced
version. The second step is pretty much the same across the board.

Step 1: Red Hat and Mandrake Start with install CD #1 and boot with it.
As the first screen appears, press F2 and type:

rescue (Type "linux rescue" for Red Hat.)

The computer should boot into rescue mode. The screen will display
several options. Select: "mount the existing partitions" and go to the
shell/console prompt. (Mandrake users: Boot into "failsafe" from the
Lilo menu instead.)

Step 1: SuSE Boot from your first install CD and press F1 at the first
screen, then choose "Rescue System" from the menu and at the prompt
type:

root (You do not need a password.)

Step 1: Other Distros Boot from your first install CD (or any live CD
like Knoppix) and at the boot prompt type:

linux single (For Knoppix type "knoppix single" without the quotes.)

The computer will boot in single user mode. You will see an odd looking
prompt that might look something like: "sh-2.05b#".

Step 1: Advanced Alternative If you're a regular reader of Scot's
Newsletter and you carried out the Rescue CD Linux Explorers tip from
the last newsletter issue, you already have a Linux rescue CD, which is
required for this alternative to Step 1.

By booting with your rescue CD (or to a live Linux CD, such as Knoppix),
you can bypass Step 1, mount the partition and, while logged in as root,
skip right to Step 2 and make the changes to the files Step 2 requires.

Step 2 After following Step 1 as appropriate, type the following at the
prompt:

# cd /etc (For Knoppix, first you must change directory to the
partition with your lost-password distro.)

Step 2 requires you to make changes to these two files: "passwd" and
"shadow." Type this line:

# vi passwd (This opens the file with the Vi editor.)

Next, press the I key, which places the Vi editor in Insert mode.

For more on the Vi editor, see the Vi Editor edition of Tips for Linux
Explorers.

The first line of the passwd file will probably look like this:

root:x:0:0:root:/root:/bin/bash

Carefully delete the "x" after "root:" being sure to leave the colons in
place. The first line should now read:

root::0:0:root:/root:/bin/bash

Save the file by pressing the Escape key and then typing:

ZZ

To edit the second file, type:

# vi shadow

Press the I key to place the Vi editor in Insert mode.

The first line of the shadow file is a long scrambled string of
characters. Change it to:

root:::: (That's four colons.)

Save the file by pressing the Escape key and then typing:

ZZ

Now you can reboot your computer. Log in as your normal user, open a
console, and type:

$ su # passwd

And set the new root password. Log out as root:

Ctrl-D

And the job is done!


And as we can see, what is so great about Linux; things can be done in
many different ways :)

--
Vahis
http://waxborg.servepics.com
Congressman Wilson has an expression:
"You can teach them to type, but you can't teach them to grow tits."
.