[K12OSN] Root Password corrupts?...more details
Petre Scheie
petre at maltzen.net
Mon Mar 14 01:05:22 UTC 2005
Here's a more simple approach to fixing the 'lost' root password problem, although it
does allow for a *very* bried security hole:
1. Boot the system from CD, either the RH in rescue mode as others have suggested; or
you can use a Knoppix disk. Knoppix might have trouble with some SCSI controllers (I've
got some Compaq ML350s in which Knoppix doesn't recognize the SCSI controller), so the
RH route might be more reliable.
2. cd to / and create a directory to use as a mountpoint.
cd /
mkdir xx
. Mount the partition of the hard disk that contains /etc (probably under /) onto athe
new mountpoint. For example
mount /dev/hda1 /xx/
3. cd into /xx/etc/ and edit the passwd file, removing the x in the second field for
root's ID; in other words, change
root:x:0:0:root:/root:/bin/bash
to
root::0:0:root:/root:/bin/bash
Save the file, and reboot the system, remove the CD, so that you boot as normal. When
you get to the login prompt, login as root, and the system should let you in without a
password. CREATE A PASSWORD IMMEDIATELY! Just run the passwd command.
This brief period where root doesn't require a password is the small temporary
vulnerability window I mentioned. If you're really paranoid, just unplug the network
cable from the box until you get the new root password set.
Petre
Barry R Cisna wrote:
> I wanted to add more details to my previous post on this delima.
> Besides the root password ,corrupting, I also have had a couple
> other things ,that I beleive are related to using Webmin.
> I 'm thinking one constant is that this has always happened when
> using Webmin >remotely<( from home.)
> Wondering if going through our NAT box/firewall,,,that Webmin sees
> both servers as the same "external" IP addrress?
>
> Another thing that has happend is after using Webmin,,a few
> times,remoteley is,,,that VNC will quite working.
> If I try and even do a manual start of vnc server vnc fails to
> start. I have never gotten vnc to work/start again,after this. I've
> tryed to look at all of the vnc settings/config files and cant see what
> has changed (or even possible files that have disappered
> ,pertaining to vnc). I even done a --force install of the vnc/vnc-server
> rpm to see if it clears this up,,but no joy:(.
> I can live without the vnc not working,,and the K12LTSP clients
> still can log in ok. I m just "wondering what causes this.
>
> 2. A few times after using Webmin,also, (and vnc no longer works) I
> go to the console,and ,alas,, I have several "segmentation
> faults"...when rebooting the affected server. ( hard drive corruption or
> just files having been deleted/corrupted somehow)???.Needless,,to
> say,,at this point the only option is to reformat,as I m dead in the water.
> Webmin is a very handy tool ,,but for now I m guessing I m only
> going to use it,"internally" inside of the LAN.
> This scenario has happend on all of our four K12LTSP servers over
> the last few months, so I m sure it isnt a "particular" hardware situation.
>
> BTW: thanks to all that posted on how to recover the "corrupted"
> root password,,but I've had no luck getting the root password to work
> after this scenario.Reformat time(ugh!).
>
> Possibly someone could post a:
> 1. xxxx
> 2. xxxx
> 3. xxxx
> format to walk a dummy like me,,through the root password recovery
> process.
>
> I can do the Rescue Disk recovery from a boot,CD,and get to the
> command line,,but then a cant get to the "change root password"... command?
>
> Just wondering if anyone has used Webmin,, much,,and experienced the
> same results?
>
> Thanks,,
>
> Barry CIsna
> RR1 Box 213
> Gladstone, IL 61437
>
> brcisna at frontiernet.net <mailto:brcisna at frontiernet.net>
>
>
> ------------------------------------------------------------------------
>
> _______________________________________________
> K12OSN mailing list
> K12OSN at redhat.com
> https://www.redhat.com/mailman/listinfo/k12osn
> For more info see <http://www.k12os.org>
More information about the K12OSN
mailing list