Upload
sensolum
View
213
Download
0
Embed Size (px)
Citation preview
8/6/2019 Debian Root
1/2
here are times for system administrators they might have forgot their debian machine root password
and they want to reset this password.We will see the available options.
There are various methods available for resetting a root password.
Boot debian linux into single-user mode
Boot using a boot disk (like knoppix,gnoppix) and edit the password fileMount the drive on another computer and edit the password file
It is possible to boot a system and log on to the root account without knowing the root password as
long as one has access to the console keyboard.
This is a procedure which requires no external boot disks and no change in BIOS boot settings.
Here, Linux is the label for booting the Linux kernel in the default Debian install.
Solution 1
At the lilo boot screen, as soon as boot: appears (you must press a shift key at this point on somesystems to prevent automatic booting and when lilo uses the framebuffer you have to press TAB to
see the options you type), enter:
boot: Linux init=/bin/sh
This causes the system to boot the kernel and run /bin/sh instead of its standard init. Now you have
gained root privileges and a root shell. Since / is currently mounted read-only and many diskpartitions have not been mounted yet, you must do the following to have a reasonably functioning
system.
# mount -n -o remount,rw /
# mount -avt nonfs,noproc,nosmbfs
# cd /etc
# vi passwd
# vi shadow
(If the second data field in /etc/passwd is x for every username, your system uses shadow
passwords, and you must edit /etc/shadow.) To disable the root password, edit the second data field
in the password file so that it is empty. Now the system can be rebooted and you can log on as rootwithout a password. When booting into runlevel 1, Debian (at least after Potato) requires a
password, which some older distributions did not.
It is a good idea to have a minimal editor in /bin/ in case /usr/ is not accessible.Also consider
installing the sash package. When the system becomes unbootable, execute
boot: Linux init=/bin/sash
sash serves as an interactive substitute for sh even when /bin/sh is unusable. Its statically linked,and includes many standard utilities as built-ins.
Solution 2
Boot from any emergency boot/root disk set. If /dev/hda3 is the original root partition, the following
will let one edit the password file just as easily as the above.
# mkdir recovery
# mount /dev/hda3 recovery
# cd recovery/etc
# vi shadow
8/6/2019 Debian Root
2/2
# vi passwd
Scroll down to the line containing the root users information, which looks something like
root:weeWRSF!sfDFs:12581:0:99999:7:::
Delete everything between the first and second colons, so that the line looks like
root::12581:0:99999:7:::Save the file and exit your editor.Type cd to return to your home directory.
Type umount mountplace to unmount the partition.
#unmount /dev/hda3 recovery
Type reboot to reboot your system
The advantage of this approach over the previous method is one does not need to know the lilopassword . But to use it one must be able to access the BIOS setup to allow the system to boot from
floppy disk or CD, if that is not already set.
Solution 3
Reseting passwords by mounting on another system and editing the password file is bit more work
need to be done.first you need to Shut down the machine after backing up all important data.Nowremove you machine hard disk and connect this hard disk as slave drive for another machine(this
should be linux OS) and boot this machine.Once the system finishes booting, mount the slave
drives root partition and edit the password file.If /dev/hda3 is the original root partition, thefollowing will let one edit the password file just as easily as the above.
# mkdir recovery
# mount /dev/hda3 recovery
# cd recovery/etc
# vi shadow
# vi passwd
Scroll down to the line containing the root users information, which looks something like
root:weeWRSF!sfDFs:12581:0:99999:7:::
Delete everything between the first and second colons, so that the line looks like
root::12581:0:99999:7:::
Save the file and exit your editor.Type cd to return to your home directory.
Type umount mountplace to unmount the partition.
#unmount /dev/hda3 recovery
Type reboot to reboot your system
If you want to prevent others from resetting your root password you can use two options first one is
protect your bootloader with password i.e your GRUB or LILO boot loaders and second one is
protect BIOS with password.