[plug] [Fwd: (Fwd) Forgotten Password]

[Garth Atkinson]

Christian wrote:
> 
> Leon Brooks wrote:
> >
> > navarre at omen.com.au wrote:
> > >
> > > Hello Leon
> 
> > > I have a Debian system not used for several months that I have
> > > forgotten the root password and I would like to find it.
> > >
> > > The system boots from floppy, Lilo being overwritten during a
> > > primary HDD upgrade, Linux is on HDB. I have one valid user login,
> > > and it works, so I can run programs/ scripts and have telnet and a
> > > second linux box on the network (all password are known on this
> > > box, also Debian). I have tried , about fours hours worth, to
> > > remember/ second guess the password I used. I have an idea that
> > > it is six to eight alphanumeric with at least one special character.
> > >
> > > I would consider a brute force test every combination method if
> > > some one has one.
> 
> The best approach is to use a boot/root disk (ie, a disk that contains a
> bootable kernel and one that contains a complete root filesystem -
> sometimes you can fit these on the one disk).  There is a Boot disk
> HOWTO which will explain to you the process of making these disks and
> I've heard people mention scripts that will make the disks automatically
> for you (thus saving quite a lot of time/reading).
> 
> Once you have the boot/root disk you can boot the system using that and
> then mount your other root partition then edit your etc/shadow file on
> the mounted partition.  Remove root's password, save the file, unmount
> the partition and reboot.  You can then log in as root without needing a
> password.  Of course, you should then immediately set a new password.
> You may also want to consider unplugging the machine from the network
> while doing this, especially if it contains a remote login service such
> as ssh which does not obey /etc/securetty.
> 
> Regards,
> 
> Christian.
> 
I had to do this recently on a system that appears to have corrupted its
PAM/shadow setup. On a different system I downloaded one of the numerous
'linux-on-a-disk' systems that are available, installed this system on a
floppy disk, booted the faulty system using this disk, mounted the '/'
(root) filesystem, and relaxed the PAM password requirements for the
login program. I rebooted the system without the 'rescue' floppy, and
was able to log in without any password. I then set up passwords on all
user accounts (including user 'root') and undid the changes to PAM
security. It worked beautifully. The advantage of using a boot floppy is
this case was that no network services were started. I was surprised
however that the particular 'linux-on-a-disk' solution that I used
detected AND configured the NIC to use an TCP/IP address. Fortunately
the address was a private C class and was not already in use on the LAN
at the time.

Linux-on-a-disk choices : I was aware that various peoples had built
their own single disk linux systems. I was not prepared for what I
found!!! After doing a search using Altavista for these systems, I found
40 million different choices and even a couple of pages that compared
the merits of the choices. Bliss. I chose one called tomsrbt. It lets
you NFS mount (or share) stuff. It also has about 40 well used utilities
that might be required in a resuce scenario. And it has very good
hardware support compiled in and using modules, you can extend this. All
in all, a very pleasant experience.

Garth