[CentOS] Lost root access

Thu Feb 3 12:50:14 UTC 2011
Nico Kadel-Garcia <nkadel at gmail.com>

On Wed, Feb 2, 2011 at 9:44 AM, James Bensley <jwbensley at gmail.com> wrote:
> So on a virtual server the root password was no longer working (as in
> I couldn't ssh in anymore). Only I and one other know it and neither
> of us have changed it. No other account had the correct privileges to
> correct this so I'm wondering, if I had mounted that vdi as a
> secondary device on another VM, browsed the file system and delete
> /etc/shadow would this have wiped all users passwords meaning I could
> regain access again?
>
> (This is past tense because its sorted now but I'm curious if this
> would have worked? And if not, what could I have done?).

Deleting /etc/shadow is *BAD*. You just blew away everyone's password,
and will cause enormous confusion.

If you can't restore it, use "pwunconv" to turn off the use of
/etc/shadow, and "pwconv" to re-enable it. The passwords will be
locked, I believe: then you can mount the idle filesystem, do a
"chroot" to the idle filesystem, and run "passwd root" to set a new
password.