Friday, 16 September 2011

Linux Troubleshooting – Root Password Reset


Linux Troubleshooting – Root Password Reset


The General problem that we see in an enterprise environment, where there is no centralized automated password management tool is …. missing root passwords for the servers.

Missing root passwords are also common when the servers initially managed by one team and later handed over to other team, but not all the changes to root passwords are not handed over to new teams.




Below procedure, to reset root password, can be used on a linux machine if you are having access to server console:

1. Reboot the machine

2. When you notice GRUB loader that shows the Linux Operating system to be booted Just press the button “e”

3. Highlight the kernel line using the arrow keys and then hit “e” again

4. That will take you to the command interface where you can edit the line. you just have to go end of line add “init=/bin/bash” ( no need to enter double quotes )

5. And then hit the button “b” to boot from that kernel entry

This will dump you to a bash prompt much earlier than single user mode, and a lot less has been initialized, mounted, etc. And root filesystem is in “read only” state at this level.

To make any modifications related to password we should remount the ”/” filesystem in “rw” mode.

Just use the command:

# mount -o remount,rw /

take the backup copies of /etc/passwd and /etc/shadow before modifying them, and then make modifications to the “root” entry in /etc/shadow as below

# original line
root:$1$EYBTVZHP$QtjkCG768giXzPvW4HqB5/:12832:0:99999:7:::
# after editing

root::12832:0:99999:7::: –> we have removed the encrypted password field from the root entry, to make password empty.

And now reboot the machine to normal mode and once you login with empty password ….. Just dont forget to reset root password. Otherwise you know what happens your Server will turn into “Public toilet”

No comments:

Post a Comment

Twitter Bird Gadget