topic Lost root password in Operating System - HP-UX

Lost root password

Jessica Nguyen — Thu, 12 Jul 2001 22:16:56 GMT

If I su root, I still need password. I still can log on my account. Does it help? Please tell me how to get in the password file from a user.

Re: Lost root password

Patrick Wallek — Thu, 12 Jul 2001 22:20:32 GMT

A regular user generally can't access the passwd file. You could try 'vi /etc/passwd' but I doubt it will let you save it.

Another option is if you have restricted SAM set up to allow other users to set up accounts. If you have this you should be able to go in and change root's passwd.

Re: Lost root password

someone_4 — Thu, 12 Jul 2001 22:43:45 GMT

If you check sam for a user with a user id of 0 can change passwords too. We have a "backup" root user with and id of 0. That makes it a superuser that is just as powerfull as root.

Richard

Re: Lost root password

Michael Tully — Thu, 12 Jul 2001 23:20:52 GMT

Hi,

The other guys have sort of got you on the
right track. I would like add something else.

I would suggest that implement a well known
product called 'sudo' This will allow you to
secure your system so that anybody that wishes
to add, modify. or delete users can but only
has access to this.

I've attached the link for you.

http://www.courtesan.com/sudo/

Regards
Michael

Re: Lost root password

Bill Hassell — Thu, 12 Jul 2001 23:22:43 GMT

If you have lost the root password, there is nothing you can do as an ordinary user to reset the password. You will have to reboot the machine, interrupt the boot process and use hpux -is to enter single user mode. Remember that /usr and /var will not be mounted so once in single user mode, mount these 2 directories so you'll have access to vipw to edit the password file. If the system is trusted, you'll need to edit /tcb directory.

Regarding duplicate root ID's, this is can be a very big security and stability risk, especially if an ordinary username has the extra UID 0. From a security point of view, the first place a hacker will try to modify is a normal user into a UID 0. The other problem is when a user logs in with this non-root account name (UID 0) but has forgotten that they are root and makes a big mistake such as a recursive rm command (the infamous "rm -r * Club")

I would order the brand new HP-UX Security book from HP Press authored by Chris Wong as soon as possible.

Re: Lost root password

Jessica Nguyen — Fri, 13 Jul 2001 15:53:04 GMT

I can't get to sam in order to change my user id to 0. I already reboot the system, but I don't know how to interrupt the reboot process . Please advise.
I have a retired system, and it is still functioning. I wish I can ftp the root power to my account in the new system, but I was just able to ftp the .profile only. I get the warning that I am the superuser, but I have no root power. Please advise how to ftp the root power from one system to the other.

Thanks in advance

Re: Lost root password

JAYAMOHAN.V.D — Sat, 14 Jul 2001 05:54:45 GMT

hi,
The procedure to boot the system in single user mode is as follows...
if u reboot the machine, in the console u will get a message like this
"Autoserach for boot path enabled
To override press any key with in 10 sec"
press any key at this time, u will get a question to boot from primary boot path.
you have to give y as answer. then it will ask do u want to interact with IPL, u have to answer Y.
then u will get an ISL prompt.
ISL>
in this prompt u enter the command
ISL> hpux -is
this will boot the system in single user mode.
it will not ask for the root password. now u can change the password of root by typing the command "passwd".
regards
jayamohan