On 02/02/2011 15:44, James Bensley wrote:
So on a virtual server the root password was no longer working (as in I couldn't ssh in anymore). Only I and one other know it and neither of us have changed it. No other account had the correct privileges to correct this so I'm wondering, if I had mounted that vdi as a secondary device on another VM, browsed the file system and delete /etc/shadow would this have wiped all users passwords meaning I could regain access again?
(This is past tense because its sorted now but I'm curious if this would have worked? And if not, what could I have done?).
If you can edit /etc/shadow then you could have changed roots password. Depending on your access (console required) you could have booted to single-user mode and edited /etc/shadow that way.
I would not recommend deleting the /etc/shadow file at all... don't think that would gain you access.