Loosing the root password - Security & Cryptography
Users browsing this thread: 3 Guest(s)
|
|||
Hello fello nixers,
This thread is about what to do if you lost your root password. Context: My friend lost his root password and his current user automatically logs into the system without entering any password, so he doesn't remember this one either. The solutions I could think of:
This will only work if the hard disk is not encrypted, and it's not so it's fine. I have found those too: https://access.redhat.com/documentation/...asswd.html This one is a way to boot into single user mode linux by appending to the GRUB line: Code: ro root=LABEL=/ http://askubuntu.com/questions/24006/how...e-password https://help.ubuntu.com/community/LostPassword Kind of the same spirit, choosing to boot into a rescue mode and then mounting the file system and changing the password. There's also a mention to add this line to the grub: Code: init=/bin/bash Do you have any other tips or suggestions? Here's a bunch of resources on the topic. |
|||
|
|||
Although this isn't the answer your friend is looking for, if I were them, I would create a new user password, add myself to sudoers, and then lock the root account. It seems like a security hole to allow logging in as root at all.
Another technique for changing the password could be using a live CD / USB to chroot in and then change the password. I believe you have root permissions at that point. |
|||
|
|||
(08-09-2016, 04:18 AM)citrus Wrote: Another technique for changing the password could be using a live CD / USB to chroot in and then change the password. I believe you have root permissions at that point.This actually saved me today. Using single usermode didn't cut it, it was mounting the file system in read-only mode which didn't let me access anything. |
|||
|
|||
Like citrus said, my first go-to would be systemrescuecd and a chroot
|
|||
|
|||
if you still have an account on the system, you could also go the privilege escalation route. there are a number of tools to help you identify vulns on your current machine. i've recently been taken to using the MIDA-Multitool since i actually pulls and runs multiple other tools. once you get root you can just change the password.
|
|||