ROOT PASSWORD 2

[rankar]

Does anyone know of a way to change the root password without being su and without reinstalling the OS. My server
was either hacked or I changed it on accident. I am running Solaris 2.7, any help would be appreciated.

Thanks,
RG

 

[bluedragon2]

faq60-1568

 

[jerryshao]

I remember I couldn't launch 'vi' for some reason. Did you get the same problem?

 

[Clairvoyant1332]

I've had that happen before. I think you need to explicitly set the TERM variable when booting single user. For a sun monitor/keyboard, it's TERM=sun

 

[bi]

vi is in /usr/bin, which might not be mounted in single user mode?

 

[njwiseguy]

to change root password,

shutdown
boot cdrom
make a /tmp directory like /tmp/here
mount the root slice usually /dev/dsk/c0t0d0s0 to /tmp/here
cd /tmp/here/etc
vi the shadow file and remove the encrypted root password
write quit and reboot
set the passwd as you would normally after login (no passwd required)

Mike

 

[bi]

Mike, if /usr is a separate filesystem and not part of the root filesystem, doesn't /usr also have to be mounted so vi can be used to edit the shadow file?

 

[njwiseguy]

Yes and no. Yes you are correct about it not being mounted, but no, I have been able to do it without it being mounted. If I recall correctly, editing the file acted a little funky, but it works, and worked for me. Also, vi maybe available under /bin (where it is not a link).

 

[rankar]

This is all very helpful, I am going out to our colo today.
I will let you know what worked.

Thanks again,
RG

 

[rankar]

This worked just like the faq60-1568 said it would, I was able to change the root password and log on to the server as root.
The problem I am having now is that once I log on remotely, the server will not allow me to become root. I get password incorrect, it works if I am on console but not remotely. Any thoughts?
Thanks
RG

 

[njwiseguy]

Check the CONSOLE setting in /etc/default/login.

It is self-explanatory...

 

[kumsaga]

if your VI does not work , set term to VI .

 

[rankar]

I checked this login file and found this entry:

# If CONSOLE is set, root can only login on that device.
# Comment this line out to allow remote login by root.
#
CONSOLE=/dev/console

I think what this means is that if I comment this out then I can log on as root. I have another Solaris box and this file is identical except it lets me become su once I am logged in. I have to go out to our colo to make this change, does this look like the right file to edit?
Thanks,
RG

 

[bi]

If you comment out this line in /etc/default/login, you don't have to be at the console to log in as root. (This is not recommended from a security point of view.)

 

[rankar]

This too is my concern, I really don't want to log on as root, only become root once I am logged on. Any thoughts on this?
RG

 

[bi]

I can't seem to get this behavior on my Solaris 7 system.

Here are some stabs in the dark:

Are you using su - root or just su root?
Might there be something set in /etc/pam.conf that would prevent su'ing to root?

 

[rankar]

I just use su <enter>, but I just tried the other two, su root and su -root and i get the same result.

 

[bi]

RG,

I'm stumped. Hopefully, someone else can help. Sorry.

 

[syjl]

create the file /.rhosts and add the remote server name to the file, then rsh to the box as root. similarly, create the same .rhosts file in the home directory of the user coming in and no password will be needed as long as the user exists on both boxes. bad for security but you can get in easily to do your work

 

[bi]

There was a similar problem on another Unix forum and the solution was to check /usr/bin/su. In the other forum, the permissions on su were wrong (someone had changed it). This is what I have on my Solaris 7 system for su:

-r-sr-xr-x 1 root sys 17976 Oct 6 1998 /usr/bin/su

If yours is different (permission and ownership, as well as size, if you have a Solaris 7 system), that might be the problem.