Posted by Dan Nuffer on 1999-08-29
> Firstly I apologise for bringing linux to this group but my system's gone > belly-up and I don't have any other contacts, so no flames please. I've got > school projects written in latex on a linux partition on my hard drive > (RedHat 6.0) but this morning I booted linux up and none of my passwords > were recognised - I can't login. Can anyone help me??? > > Thanks, > > Christopher Waudby > quadby@xxxxxxxxx.xxx > http://surf.to/areaq > If you have lilo installed, then it's a cinch to get in. When the lilo: prompt comes up type the name you've assigned to boot linux, let's say linux, followed by init=/bin/bash, so you would type linux init=/bin/bash[enter] That will boot you right into bash, and won't start any services either. Then since you most likely have shadow passwords installed, you will need to go edit the /etc/shadow file, first chmod +w /etc/shadow and then edit it with your favorite editor. Edit the line that says root, and erase everything between the second and third semicolons. This will erase the password, allowing you to log in w/out a password. Then save the file and remove the write permissions by "chmod -w /etc/shadow". If you didn't install shadow passwords you will need to do the same thing to the /etc/passwd file instead. Assuming the problem was with your password, you will then be able to log in as root without a password and can reset it to whatever you want. I think it's kind of surprising that there is such a blatant security hole for somebody at the console, but I guess someone also could just boot off a floppy and do the same thing. Probably the best thing to do to prevent someone exploiting this would be to set a boot password in the bios. Later, Dan
Previous post | Next post | Timeline | Home