On Thu, Feb 3, 2011 at 3:14 PM, Rafa Grimán rafagriman@gmail.com wrote:
On Thursday 03 February 2011 20:42 Robert Heller wrote
At Thu, 3 Feb 2011 20:12:17 +0100 CentOS mailing list centos@centos.org
wrote:
Hi :)
On Thursday 03 February 2011 14:59 Giles Coochey wrote
On 03/02/2011 14:40, Rafa Griman wrote:
Hi :)
On Wed, Feb 2, 2011 at 3:44 PM, James Bensleyjwbensley@gmail.com
wrote:
So on a virtual server the root password was no longer working (as in I couldn't ssh in anymore). Only I and one other know it and neither of us have changed it. No other account had the correct privileges to correct this so I'm wondering, if I had mounted that vdi as a secondary device on another VM, browsed the file system and delete /etc/shadow would this have wiped all users passwords meaning I could regain access again?
(This is past tense because its sorted now but I'm curious if this would have worked? And if not, what could I have done?).
As the other said: DON'T delete /etc/shadow.
Someone also mentioned you could modify the hash in /etc/shadow. This will work if you are root or have the right permissions with sudo.
If you can reboot the system, what really works great is passing the following option to the kernel on the lilo/grub screen when the system
boots: init=/bin/bash
This will give you a shell without being asked for a password (unless the sys admin has done his homework ;) Now that you have shell access
... you are in charge so you can: - mount the / partition and chroot
- edit /etc/shadow and delete the password hash
- whatever you can imagine ... you decide ;)
That would do it... There is single-user-mode (runlevel 1), just add the word single to the kernel parameters line before bootup
It will give you the same result and mount stuff without the need to chroot etc...
Yes, but S|Single|1 asks for root password to login ... And he doesn't have the root password ;)
RedHat / RHEL / CentOS does not do that!
True, just tried it with RHEL 6 and CentOS 5.3. Well it should ask for a passwd ... at least IMHO.
Then again ... an admin should configure grub/lilo to ask for a password if you pass parameters to the kernel during boot time :)
At least never on any of my machines -- is there some config option for that? Yes, for manual fchk it does, but not otherwise.
I'll check, but no idea.
In CentOS 5, use "~~:S:wait:/sbin/sulogin" in "/etc/inittab" to enter runlevel S with a password.
In CentOS 6, use "SINGLE=/sbin/sushell" in "/etc/sysconfig/init" to enter runlevel S without a password (default) and "SINGLE=/sbin/sulogin" in "/etc/sysconfig/init" to enter runlevel S with a password.