How do I recover a lost/forgotten Root password

Here are the instructions into breaking into your own system if you've lost your root-password. This is taken from an article I found in Linux Gazette, written by Mark Nielsen (http://www.linuxgazette.com/issue41/nielsen1.html).

This document assumes you are partitioned thusly:
/dev/hda1 swap
/dev/hda2 /
/dev/hda3 Dos

Author refers to Redhat 5.2 but this will work with subsequent versions (I've tested it).

Steps:

1. Make system bootable from CD-rom (either in BIOS or use a boot floppy that will do so).

2. Put Linux Distribution CD into cd-rom drive and turn on computer.

3. Pretend to go through installation of distribution and after it asks you to put in the CD-rom and it gets to the next screen you can now go to the second console window.

4. Press Alt-F2, Alt-F3, Alt-F4, Alt-F5 and then Alt-F1. You should see the various screens with different messages. The one we want is Alt-F2.

5. Press Alt-F2.

6. Type "cd /tmp" and press enter. This takes us to a directory where we can make files, directories, etc...

7. Now we will make a temporary directory and a temporary device for the partition on the hard drive that we want to look at or edit. Type the following:
mkdir /tmp/my_dir
mknod /tmp/my_dev b 3 2 #the two is taken from hda"2"
above, so should be wherever your "root" partition is.
mount /tmp/my_dev /tmp/my_dir
df

8. "mkdir" makes a directory for us to mount the a partition to. "mknod" makes a device for 2nd partition on the master hard drive (hda2). This lets us "see the partition. In particular, "b 3 2" means "b" is for block device, "3" is the master hard drive on the primary IDE controller and "2" means the second partition.
"mount" takes the device we can "see" and puts it on top of the directory /tmp/my_dir.
"df" lets you see what filesystems are mounted and where.

Now we can iether edit the password file or perhaps something like turning off xwindows from starting up if you have a computer using xdm. Let's do the password

9. type: "cd /tmp/my_dir/etc" then "vi passwd"

10. You need to know how to use vi (a great editor found on almost every UNIX by default). "x" deletes a character, "i" inserts characters, "Esc" turns on and off command mode/insert mode, "wq!" writes, quits and ignores any problems with
read-only files, "h" moves one character to the left, "l" one character right, "k" up one line, "j" down one line.

11. Now in the passwd file press "j" until you get to the line you want to be on "root" (for our example)
root:x:0:0:root:/root:/bin/bash # here we want to delete the "x" which is telling
us the password is shadowed.
Now type "wq!" (without the quotes)

12. Now type "vi shadow"

You may see a line for root that looks like this
root:$1$Upkf7iIA$.nSNmn0MkoRP2srJsUx.0/:11321:0:999999:7:::
just delete everything between the colons to make it look like
root:::::::: # that's 8 (eight) colons after the word "root"

Now type "[Esc], :, wq!, enter" to write the file, quit and ignore read-only problems.

13. Now you're done editing the file, what is the problem now? If you reboot you will likely lose all of your changes. You must unmount the directory, THEN reboot.

14. Do this > "cd /tmp" > "umount /tmp/my_dir" > "df"

15. After ensuring you unmounted ok, press CTRL-Alt-Del to reboot. Also, take the cdrom out fo the cdrom drive. When your computer restarts I'd recommend having your BIOS boot off the hard drive rather than the CD-rom.

That's it, this is very useful in the case of lost/forgotten root passwords. But it's also good for fixing other problems when you just can't get it booting the right way. As I said, I plagarised the hell out of his article. But it was a great article and helped me out immensly. I hope Mr. Nielsen doesn't mind my copying his work for this forum.

d3funct
d3funct@comcast.net
The software required `Windows 95 or better', so I installed Linux.