HPE Community
Operating System - HP-UX
1824877 Members
3839 Online
109675 Solutions
New Discussion юеВ

Bypassing Trusted Single User Mode Authentication

 
Steven Gabriel_1
Occasional Contributor

тАО08-11-2002 08:11 AM

тАО08-11-2002 08:11 AM

Bypassing Trusted Single User Mode Authentication

All;
I have trusted a HPUX 10.20 server and enable the policy where password authentication is required prior to booting into single user mode.
Unfortunately, the TCB database become corrupted, core dump and paniced my server and now root cannot get in.
Is there a way to bypass the password authentication prompt upon entering single user mode???
So far HP has said there is no way of bypassing this option upon system boot. Yet I have my doubts, there has to be a fix or HP would not offered this trusted policy option.
Has anyone experienced this problem and have the fix. Re-Igniting or performing a Cold install really is not the answer I am looking for.
Any help in this matter will be greatly appreciated.
Thanks everyone.
Steven Gabriel
0 Kudos
Reply
5 REPLIES 5
Michael Tully
Honored Contributor

тАО08-11-2002 02:32 PM

тАО08-11-2002 02:32 PM

Re: Bypassing Trusted Single User Mode Authentication

Boy, You really have a problem. There is no way I know of by-passing this. I think your only option is to recover from your ignite tape. :^((

Anyone for a Mutiny ?
0 Kudos
Reply
Patrick Wallek
Honored Contributor

тАО08-11-2002 02:45 PM

тАО08-11-2002 02:45 PM

Re: Bypassing Trusted Single User Mode Authentication

Your biggest problem I think is the fact that your /tcb area is corrupted. And the fact that you have the security turned on for single-user mode adds to your difficulties.

The only thing I can think of is if you can boot into multi-user mode, and IF you have a use that has restricted SAM privileges, you MIGHT be able to reset roots password. Once that is done, you might then be able to do a 'tsconvert -r' (I think) to undo your trusted system and then reconvert to trusted to rebuild the /tcb area.

If your /tcb area is totally corrupted and no one can login, then you MIGHT be able to boot from a CD, or the Ignite/UX tape, and bring up the recovery kernel, and from there you can try mounting your / LV and then you might be able to restore /tcb.
One thing I would do once this is resolved is make sure that you are up to date on patches and that you have all the patches relating to trusted system so that hopefully this doesn't happen again.
0 Kudos
Reply
PIYUSH D. PATEL
Honored Contributor

тАО08-11-2002 03:50 PM

тАО08-11-2002 03:50 PM

Re: Bypassing Trusted Single User Mode Authentication

Hi,

I think that you may have to restore your backup or reinstall the OS. If you have an Ignite backup then it will be good.

Piyush
0 Kudos
Reply
Fragon
Trusted Contributor

тАО08-11-2002 04:29 PM

тАО08-11-2002 04:29 PM

Re: Bypassing Trusted Single User Mode Authentication

Besides system recovery & cold install, I think the only way to resolve your problem are as follows:
1. Secret command in GSP which can reset users' passwd;
2. Secret way offered in ISL which can reset users' passwd or can login without password...
But I think it's impossible even for HP!

:`(

0 Kudos
Reply
F Verschuren
Esteemed Contributor

тАО08-12-2002 02:25 AM

тАО08-12-2002 02:25 AM

Re: Bypassing Trusted Single User Mode Authentication

You can boot from a CD
run the recovery shell,
change the system to a non secure mode (ore edit the TCB files) and reboot again.
If iam not mistaking this will work so reinstall is not needed!
TCB errors will alsow ocure then / is 100% so alsow check this one.
whit the proper lvmoptions you can mount / on a other file syemen and change the stuf that needs to be changed.
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.