Re: recover lost root password

To: <debian-user@lists.debian.org>
Subject: Re: recover lost root password
From: Carla Schroder <debian@bratgrrl.com>
Date: Sat, 8 Mar 2003 17:57:24 -0800
Message-id: <[🔎] 200303081757.24565.debian@bratgrrl.com>
Reply-to: carla@bratgrrl.com
In-reply-to: <[🔎] 20030309011542.GB9785@wacka.mjr.org>
References: <[🔎] 200303081641.36393.debian@bratgrrl.com> <[🔎] 20030309011542.GB9785@wacka.mjr.org>

On Saturday 08 March 2003 5:15 pm, Hugh Saunders wrote:
> On Sat, Mar 08, 2003 at 04:41:36PM -0800, Carla Schroder wrote:
> > Well here's a good one, is there a way to get into a system when
> > you've lost the root password? Without a CD or boot floppy? Used to be
> > you could pass in "init=/bin/sh" from LILO, and work some /etc/shadow
> > magic. (like copy the hashed root password from a different system)
> > But GRUB is different...
>
> I just tried that from GRUB [selected the menu item hit 'e' to edit on
> the kernel line appened init=/bin/sh then 'b' to boot] hey-presto no
> flippin password needed! and there was me thinking my laptop was almost
> secure!!
>
> how can i prevent this from working?
> [apart from bios password]
>
> hugh

Password-protect GRUB. See 
http://www.gnu.org/manual/grub-0.90/html_mono/grub.html#

Here's the full recipe, there are some tricky bits:

as regular user, open /boot/grub/menu.lst and 
write it down, you want the kernel and root lines from this part:

## ## End Default Options ##

title           Libranet GNU/Linux, kernel 2.4.19
root            (hd0,2)
kernel          /boot/vmlinuz-2.4.19 root=/dev/hda3 ro 
savedefault

(There are other ways to discover your boot parameter, see the GRUB manual.)
restart machine, when Grub menu appears hit 'c' to get the command prompt
type the root line as you copied it and hit return
type  the kernel line as you copied it, then add this to the end:

init=/bin/bash

and hit return
type boot and hit return

It will boot normally and stop at a command prompt, and will not ask for a 
login. Remount in readwrite:

# mount -o, remount,rw /

Using your fave editor, open /etc/shadow. At the top is the line for root's 
hashed password.

root:$1$uz45555u$D/5y4444S19.dNjNMlRnRO.:12037:0:99999:7:::

Delete the bit between the first set of colons:

root::12037:0:99999:7:::

Now, remount as read-only:

# mount -o, remount,ro /

Now sync the filesystem:

# sync;sync;sleep 10;sync;mount -o remount,ro /

Restart init:

# exec /sbin/init

Now when you log in as root, it will not ask for a password.

-- 
~~~~~~~~~~~~~~~~~~~~~~~~~
Carla Schroder
www.tuxcomputing.com
this message brought to you
by Libranet 2.7 and Kmail
~~~~~~~~~~~~~~~~~~~~~~~~~

Reply to:

Follow-Ups:
- Re: recover lost root password
  - From: Hugh Saunders <hugh@mjr.org>

References:
- recover lost root password
  - From: Carla Schroder <debian@bratgrrl.com>
- Re: recover lost root password
  - From: Hugh Saunders <hugh@mjr.org>

Prev by Date: Re: stung by dependancies
Next by Date: Re: XMMS and CD Audio Broken
Previous by thread: Re: recover lost root password
Next by thread: Re: recover lost root password
Index(es):
- Date
- Thread