Hi guys i have a problem in that the root passwd was changed last week while i was at home enjoying the weather and know i cant access it as the person who changed it must be dislexic as the spelling he used obviosly isn't in any dictionary. my question is, i can't change the root passwd without knowing the old one and it is a production server so shutdown not possible. if i delete the entry below in /tcb/files/auth/r/root to make it look like this :u_pwd=:will that remove passwd on root and thus allow me to reset.
Firstly choosing a password that doesn't exist in a dictionary is a good idea for a trusted system :-)) Maybe your colleague was being extra secure?
If you've still got a terminal logged in as root then editing the root tcb file will work. Be careful - if you damage the file then you will be looking at a reboot into single user to replace the file.
I've had this problem several times. Editing /tcb/files/auth/r/root has always worked for me.
BTW, Since then, I have a pseudo root account (UID = 0) set up on my systems so I can just login and do "passwd root" to change the root passwd. It is easier and safer than editing files.
Thanks for the reply's, but won't i still need to know the existing password to change it even in single user mode. i thought the first thing it asked for when changing is the old password. hence the file change. regards
