Re: UNUSUAL ROOT PASSWD PROBLEM

Michael Gretton · ‎01-31-2001

I have a k580 running 10.20 in trusted mode. We changed the root password and then when we try to get in again, it says that the password is incorrect. Heck, I typed the thing in twice.... Anyway, I have done the normal procedure in breaking the root password (going into single user mode); however, I can't get it to boot into single user mode because it asks for a BOOT AUTHENTICATION password. What gives? I am getting really concerned. Please, someone help! I have followed the booting procedures to single user mode to the letter...no success. Thanks,

Mike

Victor BERRIDGE · ‎01-31-2001

Hi,
How can you try to bring the system to single user state if you do not have anymore root privilege, or do you still have a root session somewhere? Let us know what you still have available

Regards

Cheryl Griffin · ‎01-31-2001

Boot Authentication means that you have the "Require Login Upon Boot to Single User State" set in the security policies. This means that if you set up a user to have special privileges, you need to login as that user. If you don't have that user login information, you will have to boot from the support cd and get into the system that way.

"Downtime is a Crime."

Michael Gretton · ‎01-31-2001

I don't have a root session open at this time. I had to turn the key (ugh...). Cheryl's responses has us going in one directions but we need further information. I have an install/core os cd in there. Is that what you mean by support cd? I didn't have much time this morning to play with it because it is a production box (letting it boot by itself in multiuser puts us where our users can work). What do I do once I get the right cd in there and boot from it? How does that help me crack the passwd/fix it? I really appreciate the quick response.

Mike

Sandor Horvath_2 · ‎01-31-2001

Mike !

If You doesn't use remote login as root user then You need boot Your system an another disk or CD and mount the original root FS and modify root password.
I think You use secure system so You need edit /tcb/files/auth/r/root file. Change u_pwd value to your users u_pwd value and reboot. Then root password will be same then your user.

regards, Saa

If no problem, don't fixed it.

Joseph C. Denman · ‎01-31-2001

Seems like i have had this problem before. I believe there is a way to get past the password for single user. I think it was one of the variables to the hpux.

It has been a long time, but try stoping the boot at the ISL prompt. Then

hpux -isa 0

The "a" just pops in my mind for some reason.

Hope this works!!!!

If I had only read the instructions first??

Paula J Frazer-Campbell · ‎02-01-2001

Hi
Things to try:-

1. Old root password.
2. No password.

Once you have this sorted create a root level user and treat this login and password with the same respect as root.

It is always handy to have your own "backdoor".

Paula

If you can spell SysAdmin then you is one - anon

Andy Monks · ‎02-01-2001

Last time I saw the boot auth message and tried to get passed it was at 10.00. Not sure this works now, but worth a try.

When booting, boot single user mode.

Then as soon as it starts, start pressing 'ctrl-shift-pipe' (ctrl | ) I need the shift on my keyboard. If your really lucky you'll break-in in bcheckrc (like it did). at which point, I'd probably recommend untrusting your system so you can then get in savely.

Dan Hetzel · ‎02-01-2001

Hi Michael,

One thing worth trying:
If your new root password starts with one of the keys close to the maybe that you've hit that key without realizing when you were entering the new password.

You could try a ROOT login in uppercase and type your password...
This will make your system believe that your terminal is an 'old fashion' one, kind of teletype without lowercase characters.

My $0.02...

Good luck,

Dan

Everybody knows at least one thing worth sharing -- mailto:dan.hetzel@wildcroft.com

Jerry U · ‎02-01-2001

If you have a backup server which has rights to remotely restore files on that box, backup the /tcp/files/auth/r/root from a machine with a known password, then do an "out of place restore" which most backup systems allow, and restore that file to the locked out machine. and bang! no downtime. login with the known password from the other system.

Alex Glennie · ‎02-02-2001

Within SAM you can set up the system security policies so that a
login is required when booting the system to single user.
This can be enabled as follows:
SAM --> Auditing and Security --> System security Policies -->
General User Account Policies : enable "Require login upon boot
to single user state"
The root account by default will have authority to boot the
system to single user.
You can then authorise a particular user to boot to single user
SAM --> Accounts For Users and Groups --> select the user --->
Modify Users Security Policy --> General User Account Policies
and enable " Authorize user to Boot to single-User state" .

The "Boot authentication prompt " is displayed if the "Require
login Upon Boot to single user state" is enabled and the system
is booted to single user.

RESOLUTION

When rebooting the system if the system boots to single user check the
following:

1. Check /etc/inittab for initdefault

2. Check /tcb/files/auth/r/root-t
The file "root-t" is a lock file created by the various utilities maintaining
the TCB database. If a user record is locked, no other utility (like login) can
use it. The lock file may remain following a system crash or even if SAM
aborts whilst trying to modify the account. The lock file needs to be removed
before the login can be used .
The existence of the "root-t" lock file results in the system booting straight
to single user. This will need to be removed before the system can be booted to
multiuser.
If the "Require login Upon Boot to single user state" option is enabled you
will not be able to login as root . If you have authorised another user other
than root then login as that user else you will need to boot from the support
CD to remove the lock file.

Cheryl Griffin · ‎02-02-2001

The Support Cd is one used to help recover the system, in this case recover from a lost root password. This disk is different than an Install/Core-OS disk.

If you have access to the Knowledge Base, look at documents, like these:

"Recover from lost root password with trusted system" document id KBRC00001581
"How do I boot my system from Support Media on 10.X ?" document id OZBEKBRC00000581 (a section shows how to delete trusted root password)

"Downtime is a Crime."

Pamela Green · ‎02-02-2001

If you have entered a '#' or '@' as part of the root password you will have to escape the character. i.e. hp#msft == hp\#msft

Michael Gretton · ‎02-05-2001

I appreciate all the responses I have recieved. I will need to try the Support CD boot idea (actually, all I have is a tape) and work the problem from there. I cannot do this during the day so I will be staying late tomorrow to try it. I will let you know how I did and award points!

Mike

Vincent Stedema · ‎02-05-2001

If the password for your root account is longer than 8 characters, try using the first 8 characters of the password string.

Categories

Company

Local Language

Forums

Discussions

Forums

Discussions

Forums

Discussions

Forums

Discussions

Forums

Discussions

Discussions

Forums

Forums

Discussions

Forums

Discussions

Forums

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Community

Resources

Other HPE Sites

Discussions

Forums

Blogs

Re: UNUSUAL ROOT PASSWD PROBLEM

UNUSUAL ROOT PASSWD PROBLEM