[CentOS] Lost root access
Giles Coochey
giles at coochey.net
Wed Feb 2 14:47:07 UTC 2011
On 02/02/2011 15:44, James Bensley wrote:
> So on a virtual server the root password was no longer working (as in
> I couldn't ssh in anymore). Only I and one other know it and neither
> of us have changed it. No other account had the correct privileges to
> correct this so I'm wondering, if I had mounted that vdi as a
> secondary device on another VM, browsed the file system and delete
> /etc/shadow would this have wiped all users passwords meaning I could
> regain access again?
>
> (This is past tense because its sorted now but I'm curious if this
> would have worked? And if not, what could I have done?).
>
If you can edit /etc/shadow then you could have changed roots password.
Depending on your access (console required) you could have booted to
single-user mode and edited /etc/shadow that way.
I would not recommend deleting the /etc/shadow file at all... don't
think that would gain you access.
--
Best Regards,
Giles Coochey
NetSecSpec Ltd
NL T-Systems Mobile: +31 681 265 086
NL Mobile: +31 626 508 131
GIB Mobile: +350 5401 6693
Email/MSN/Live Messenger: giles at coochey.net
Skype: gilescoochey
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 5137 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://lists.centos.org/pipermail/centos/attachments/20110202/f56e01a7/attachment.p7s>
More information about the CentOS
mailing list