Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations gkittelson on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Locked out

Status
Not open for further replies.
RoryJMcKenna

RoryJMcKenna

MIS
Apr 24, 2003
164
CA
I have a Debian box (Woody) that I have not used for a bit I cannot recall my root passwd to get some data off of this box... Anyone know a good util. to hack my root pw?

Thx Rory
 
Sort by date Sort by votes
Don't know about Debian but most Linuxes can be run in single user mode from the LILO loader by typing linux single when asked which system to boot - this gives you root access by default
 
Upvote 0 Downvote
Ha! If I knew it was that easy I would not have asked... But here is the how too if anyone else is curious.

At the lilo boot screen, as soon as boot: appears (you must press a shift key at this point on some systems to prevent automatic booting), enter:

boot: Linux init=/bin/sh
This causes the system to boot the kernel and run /bin/sh instead of its standard init. Now you have gained root privileges and a root shell. Since / is currently mounted read-only and many disk partitions have not been mounted yet, you must do the following to have a reasonably functioning system.

init-2.03# mount -n -o remount,rw /
init-2.03# mount -avt nonfs,noproc,nosmbfs
init-2.03# cd /etc
init-2.03# vi passwd
init-2.03# vi shadow
(If the second data field in /etc/passwd is "x" for every username, your system uses shadow passwords, and you must edit /etc/shadow.) To disable the root password, edit the second data field in the password file so that it is empty. Now the system can be rebooted and you can log on as root without a password. When booting into runlevel 1, Debian (at least after Potato) requires a password, which some older distributions did not.

 
Upvote 0 Downvote
Yes, it's that easy, but no one should leave it like this.
Add something like this to your lilo.conf for protection.
password=mypassword
restricted
 
Upvote 0 Downvote

And what if you forget that password ;-)

Anyway, a computer where people have physical access can never be secure so protecting LILO or the boot up process won't make it any safer.

Cheers

Henrik Morsing
Certified AIX 4.3 Systems Administration
& p690 Technical Support
 
Upvote 0 Downvote
Morsing,

In my long experience I have never encountered a
situation where being afraid of a little security
and choosing not to implement it helped at all.

If you are afraid that you will forget your
passwords store them in an encrypted file on
other media.

Your physical access theory only goes so far.
We are talking about SERVERS not workstations.
Why should an untrusted individual have access
to this machine? Why make it easy for anyone?

Many times a few precautions, like password protecting
your bootloader, bios and removing the keyboard after
boot, produce an insuperable obstacle to a malicious
user.
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

spamjim
  • Locked
  • Question
Sorting out NTFS filesystem issues
Replies
0
Views
268
spamjim
spamjim
theniteowl
  • Locked
  • Question
Parsing data out of files
Replies
0
Views
202
theniteowl
theniteowl
henzen
  • Locked
  • Question
Using mod_sed on both in/out filtering on same site
Replies
1
Views
180
feherke
feherke
chieftan
  • Locked
  • Question
Copying log files out to back up server
Replies
5
Views
187
IPGuru
IPGuru
kepetersen
  • Locked
  • Question
tsc password locked
Replies
0
Views
91
kepetersen
kepetersen

Part and Inventory Search

Sponsor

Back
Top