[CentOS] OT: Torrent software choice

Mon Feb 22 23:52:15 UTC 2010
John R Pierce <pierce at hogranch.com>

Bob Taylor wrote:
> Hi, I am writting this message in hope that you can be of a great help 
> to me. My husband that has been on this site  died suddenly Feb 4th) 
> and I can not access my computer. He has  a user name and password on 
> the system. He has used the Linux  and Red Hat to run the 
> computer....   He would boot up the system and then I would do my 
> email, documents, etc.  I never thought to ask him his password or 
> username.  There is no one in our area that knows how to change the 
> username and password on the Linux system... Can you or some one you 
> may know help. I did find a Red Hat Boot disk... not sure what to do 
> with it!!!!

in a nutshell, you boot the linux CD into 'linux rescue mode', then the 
usernames are in the /etc/passwd file on the mounted hard drive, which 
is I believe mounted as /a, so it would be /a/etc/passwd, and the 
passwords themselves are encrypted in /etc/shadow  ...  its easiest to 
edit /etc/shadow (probably as /a/etc/shadow due to the rescue mount), 
then just zap out the password field.

whoever does this has to be reasonably competent with unix command line 
tools like vi, there's no gui in the rescue environment.

a typical /etc/passwd file...

    root:x:0:0:root:/root:/bin/bash
    bin:x:1:1:bin:/bin:
    ....additional system accounts deleted...
    nobody:x:99:99:Nobody:/:
    pierce:x:500:510:John R Pierce:/home/pierce:/bin/bash
    mudshark:x:502:510:Mud E Shark:/home/mudshark:/bin/bash


and the corresponding /etc/shadow file...

    root:$**********************z/:13890:0:99999:7:-1:-1:134538772
    bin:*:10810:0:99999:7:::
    ....system accounts trimmed.....
    nobody:*:10810:0:99999:7:::
    pierce:$******************0:14332:0:99999:7:-1:-1:134539876
    mudshark:$*******************x:10815:0:99999:7:-1:-1:134538468



so two users on this systme are pierce and mudshark, everything before 
nobody is a system account.   I replaced the bulk of the password hash 
with ******, you would remove everything between the : so a line would 
look like...

   root::13890:0:99999:7:-1:-1:134538772

(note there's now two colons between the username and the next field)

now that account can log on without a password.

hopefully you can find someone who knows enough linux to make sense of this.