Hi guys i have a problem in that the root passwd was changed last week while i was at home enjoying the weather and know i cant access it as the person who changed it must be dislexic as the spelling he used obviosly isn't in any dictionary. my question is, i can't change the root passwd without knowing the old one and it is a production server so shutdown not possible. if i delete the entry below in /tcb/files/auth/r/root to make it look like this :u_pwd=:will that remove passwd on root and thus allow me to reset.
Firstly choosing a password that doesn't exist in a dictionary is a good idea for a trusted system :-)) Maybe your colleague was being extra secure?
If you've still got a terminal logged in as root then editing the root tcb file will work. Be careful - if you damage the file then you will be looking at a reboot into single user to replace the file.
I've had this problem several times. Editing /tcb/files/auth/r/root has always worked for me.
BTW, Since then, I have a pseudo root account (UID = 0) set up on my systems so I can just login and do "passwd root" to change the root passwd. It is easier and safer than editing files.
Thanks for the reply's, but won't i still need to know the existing password to change it even in single user mode. i thought the first thing it asked for when changing is the old password. hence the file change. regards
If you neet a passwd in single usermode (standart not truned on And you do not have a other "root" user than you need to boot from CD before you can edit the /tcb/files/auth/r/root file. just removing the encripted passwd and use the passwd comand and than you wil not be asked for a old passwd.
ofcause if you are only a normal user the rootpasswd can't be changed by the normal user... whitout hacking you own system....
There are 2 options you can try after going to single user mode. 1. Edit the /tcb/files/auth/r/root file and null the password field and then change the password, it wont ask for old password. 2. use /sbin/passwd root to change the password dont use /usr/bin/passwd this wont ask for old password.
rlogin from another unix machine as root to this server and change the root password .This will only happen if the .rhost or /etc/hosts.equiv had configured.
Thats one advantage of secure shell. If you have it already set up, then you can use it to open a session on the host, unconvert the system, fix it, then convert it back. If you can otherwise get to a # prompt, you can fix it by unconverting from trusted, then creating a second user with a UID of 0. Then login as that user, then type "passwd root". Since its unconverted from trusted, it won't ask you for the old password.
