[lug] Re: linux

rm at mamma.varadinet.de rm at mamma.varadinet.de
Tue Jun 19 09:57:43 MDT 2001 

On Tue, Jun 19, 2001 at 09:35:16AM -0600, J. Wayde Allen wrote:
> On Tue, 19 Jun 2001, Dhruva B. Reddy wrote:
> 
> > So basically, as long as you have physical access to the machine,
> > there is a way to reset the root password?
> 
> If you have physical access to a machine, there is an awful lot you can do
> with a screwdriver and some time.

Even though i'm very fond of screwdriver solutions i might go for
a slightly less invasive solution here ,-)
If you can afford to reboot the machine (after calling 'sync' if you need
to reboot by means of power switch) just press tab or Cntr as soon as 
you get to the lilo prompt. Then enter the normal boot command (usually
linux or something allike) and add ' init=/bin/bash' to it. The system
should boot into a shell now without any login prompt. After this you
need to remove the characters after root: up to the next colon, so
'root:bdfbfgbsr:43534543...' will become 'root::43534543...'
Then reboot and you should be able to log in as root without a password.



Ralf 

> Remember that you don't have a root password when you install Linux for
> the first time.  You have to set it once you've got the system installed.  
> The way many (all?) of the install packages work is to load a simple Linux
> kernel, and create a RAM disk that contains a small file system with the
> utilities needed to manipulate and build the target Linux file system on
> your hard drive.  The CDROM based versions may skip the RAM disk, and
> simply mount a file system directly from the CDROM.  This is also the
> basic idea behind the various "rescue" disks available.  If you use one of
> these rescue disks, and/or load your installation disk and break out of
> the install program, you should then have command line access to the root
> file system commands.  That should allow you to manualy mount and
> manipulate file systems.  Check the man page for the mount command.  If
> you mount the /root partition from your disk, then you should have root
> access to any of the files it contains, and should be able to modify
> /etc/passwd as needed.
> 
> > Sounds scary.
> 
> It is just another level in the security puzzle.  Also, if you lock things
> down too tightly you'd have to throw the box away and buy another if you
> forgot the root password for instance.
> 
> > Is it possible to do this remotely?
> 
> I'd say very unlikely.  To do what I'm suggesting you have to be able
> to shutdown the installed Linux kernel and boot the rescue kernel.  That
> typically means you have to pull the power plug to kill the installed
> version.  It also means you need to load the rescue kernel into the system
> somehow.  Either via a floppy or CDROM that is inserted into the
> drive.  This might also mean you'd need to change some of the BIOS
> settings to get the correct disk to boot.  These are all things that are
> kind of difficult to do remotely.
> 
> - Wayde
>   (wallen at lug.boulder.co.us)
> 
> _______________________________________________
> Web Page:  http://lug.boulder.co.us
> Mailing List: http://lists.lug.boulder.co.us/mailman/listinfo/lug

More information about the LUG mailing list