HPE Community
Operating System - HP-UX
1821647 Members
2968 Online
109633 Solutions
New Discussion юеВ

Unlock the root account

 
Laugle
Occasional Advisor

тАО04-07-2010 06:56 AM

тАО04-07-2010 06:56 AM

Unlock the root account

We recently changed the root password on our system to a standard password for our network. The password has an @ symbol in it. Someone who has been able to log in does not have the new password, and the root account on our system is locked. We cannot console in to the system to unlock the account because the console sees the @ symbol in the password as a line return. We have tried putty, hyper terminal, etc. to try to get in to the system , with no luck. Does anyone have any ideas to get into the system? Is there an escape character that would allow us to use the current password effectively? Thanks for your help.
0 Kudos
Reply
14 REPLIES 14
Dennis Handly
Acclaimed Contributor

тАО04-07-2010 07:02 AM

тАО04-07-2010 07:02 AM

Re: Unlock the root account

>Is there an escape character that would allow us to use the current password effectively?

Use \@.
0 Kudos
Reply
Laugle
Occasional Advisor

тАО04-07-2010 07:09 AM

тАО04-07-2010 07:09 AM

Re: Unlock the root account

We are trying that solution. I also wanted to say that we cannot go into single user mode because of security applied to the server.
0 Kudos
Reply
SoorajCleris
Honored Contributor

тАО04-07-2010 07:13 AM

тАО04-07-2010 07:13 AM

Re: Unlock the root account

Hi,

What kind of security??

Regards,
Sooraj
"UNIX is basically a simple operating system, but you have to be a genius to understand the simplicity" - Dennis Ritchie
0 Kudos
Reply
Laugle
Occasional Advisor

тАО04-07-2010 07:16 AM

тАО04-07-2010 07:16 AM

Re: Unlock the root account

We inherited this server when the application it hosts was moved to our base. A piece of software was loaded on it prior to the move that prevents the machine from booting into single-user mode - I don't know what software it is, I only know that we get an access denied message when we try to go there.
0 Kudos
Reply
Dennis Handly
Acclaimed Contributor

тАО04-07-2010 07:49 AM

тАО04-07-2010 07:49 AM

Re: Unlock the root account

>We are trying that solution.

What happened? Anything different?

>A piece of software was loaded on it prior to the move that prevents the machine from booting into single-user mode

You installed Trusted System?
What type of hardware do you have? What HP-UX version?
0 Kudos
Reply
Laugle
Occasional Advisor

тАО04-07-2010 08:32 AM

тАО04-07-2010 08:32 AM

Re: Unlock the root account

The backslash escape character didn't work - it was accepted as part of the password, not as an escape character.

We are running HP-UX 11 version 1 on HP model A6890A.

And yes, Trusted System is installed. We did not install it - the server came to us that way.
0 Kudos
Reply
Anshumali
Esteemed Contributor

тАО04-07-2010 08:32 PM

тАО04-07-2010 08:32 PM

Re: Unlock the root account

You need single user mode for recovering this. If there is a piece of software is NOT allowing to boot the kernel into single user mode, i assume your options are pretty much limited to asking the team who developed this on how to overcome....How you are actually suppose to manage the system if you don't have access to single user mode by design!!!


Dreams are not which you see while sleeping, Dreams are which doesnt allow you to sleep while you are chasing for them!!
0 Kudos
Reply
Viktor Balogh
Honored Contributor

тАО04-08-2010 12:59 AM

тАО04-08-2010 12:59 AM

Re: Unlock the root account

Hi Laugle,

I'm not sure if you have a trusted system, maybe it's a standard mode HP-UX with boot authenticator installed.

https://h20392.www2.hp.com/portal/swdepot/displayProductInfo.do?productNumber=BOOTAUTH11i

Look at this thread, maybe it helps you solve your problem:

http://forums11.itrc.hp.com/service/forums/questionanswer.do?threadId=773616
****
Unix operates with beer.
0 Kudos
Reply
Robert-Jan Goossens
Honored Contributor

тАО04-08-2010 01:12 AM

тАО04-08-2010 01:12 AM

Re: Unlock the root account

Hi,

Just thinking...do you use a non-os backup product like Dataprotector, Networker, Netbackup etc?

If you remember the date of the password change and your previous root password, you could restore the file /tcb/files/auth/r/root from a day before the password change.

Regards,
Robert-Jan
0 Kudos
Reply
SoorajCleris
Honored Contributor

тАО04-08-2010 06:16 AM

тАО04-08-2010 06:16 AM

Re: Unlock the root account

Hi ,

you told you have trusted system configured,
Could you please confirm? you can just check if you have a directory called,

/tcb

regards,
Sooraj
"UNIX is basically a simple operating system, but you have to be a genius to understand the simplicity" - Dennis Ritchie
0 Kudos
Reply
Laugle
Occasional Advisor

тАО04-08-2010 06:31 AM

тАО04-08-2010 06:31 AM

Re: Unlock the root account

My apps guy says we have Trusted System configured.

We have no backups of that system. Our command is very cash poor, and they won't spring for the UNIX agent for our backup system.

My apps guy is currently trying to find a recovery CD to boot from to fix the issue. There was not a recovery CD included with the servers when they were shipped here. If anyone knows of a place to download such a CD, I'd appreciate it.
0 Kudos
Reply
SoorajCleris
Honored Contributor

тАО04-08-2010 06:38 AM

тАО04-08-2010 06:38 AM

Re: Unlock the root account

Hi,

I dont know how this is going to help you ..
I got this only .. for getting an e-delivery.

http://h71028.www7.hp.com/enterprise/w1/en/os/hpux11i-oe-edelivery.html


Regards,
Sooraj

Regards,
Sooraj
"UNIX is basically a simple operating system, but you have to be a genius to understand the simplicity" - Dennis Ritchie
0 Kudos
Reply
Tim Nelson
Honored Contributor

тАО04-08-2010 09:02 AM

тАО04-08-2010 09:02 AM

Re: Unlock the root account

Although you cannot boot to single user can you interupt and interact with ISL ? then boot to lvm maintenance mode ?

if so you man be able to mount the root filesystem and edit /tcb/files/auth/r/root and clear out the password field..

As another thought.. it could also be possible to take the OS disk on this server and put it into another server, import the drive, mount the root file system and edit the root password entry. Then put the disk back into the orig server and boot.


oh yeah, security is great until you lock your self out ( Every movie I ever saw somebody always created a back door ;)

0 Kudos
Reply
Viktor Balogh
Honored Contributor

тАО04-08-2010 09:27 AM

тАО04-08-2010 09:27 AM

Re: Unlock the root account

>My apps guy is currently trying to find a recovery CD to boot from to fix the issue.

If you have another HP-UX system, go and setup an ignite server and boot off of it. Or do an ignite tape backup, it is also bootable. You could also use your tape backup you have taken to this server. OS backups are a must for every server, do you have any?

****
Unix operates with beer.
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.