Tuesday, April 20, 2010

Linux password recovery(Debian and Centos)

SkyHi @ Tuesday, April 20, 2010

So you forgot your root password...no worries as long as you have physical access to the machine.

Some distributions (Fedora, CentOS, for example) make it super easy to recover the root password by using single user mode. All you have to do is edit the boot line in grub and append the word single to the end of the line. Once it boots, you are root (without having to log in) and can issue the "passwd" command to change the password. Reboot, and viola!, password changed.


Other distributions (debian, Ubuntu, and other derivatives for example) make it more difficult. The quickest easiest way I have found to reset these is from a live cd. Live cd's basically let you boot from a cd into a fully working OS. There are many different ones out there such as Knoppix and Ubuntu.


We will be using Ubuntu for this tutorial.


First, download and burn the .iso to a blank cd (if you need help here, you are in the wrong forum).


Next, boot this cd on the machine you have forgotten the password to. The boot screen will first have you select a language, then chose the "try Ubuntu without affecting my machine" option. It will take a few minutes to boot, and then you will be dropped into the Ubuntu GUI.


At the menu at the top, select "Applications" -> "Accessories" -> "Terminal".

When the terminal opens, you will be the "Ubuntu" user. We need to be root, so type "sudo su" and hit enter. The prompt will change to a # instead of a $.


Next, we need to mount the hard drive partition with the forgotten password. Type "mount /dev/sda1 /mnt" and hit enter. You may need to change the "sda1" to something else if this is not the partition your root filesystem is located on.


Once the partition is mounted, just edit the shadow file. Type "nano /mnt/etc/shadow" and hit enter. This will open a text editor with the shadow file open and ready to edit. Edit the file as with any simple text editor. The important information is on the line that begins with "root" (should be the first line. Delete the string of characters beginning after the first colon (:) all the way to the second colon.

Hit ctrl-x for exit, "y" for yes and "enter" to save and exit.


Reboot and take the cd out. Now you should be able to log into your system as root without being prompted for a password. Type "passwd" and hit enter. You will be prompted for your new password twice.


Congrats! You just reset your password!


REFERENCE

http://www.ctunion.com/node/796