Beruflich Dokumente
Kultur Dokumente
Well, not this time. A while back I installed Fedora on a system here, and today I wanted to look at
something and .. what was the root password? Hmm, not that.. how about? .. nope, well it must be.. darn!
I had no idea. Fortunately, it wasn't a boot password, so I did have access to the system. Without that, I
would have had to dig up the CD's (who knows where they are) and do a recovery that way, or download
something from Tom's Root and Boot Site. I had access to the Grub loader, so I had it easy.
If you've lost your root password, you might be able to recover it this way. However, some systems are
protected with boot loader passwords that won't let you do that without THAT password. If the boot loader
is password protected, you need to boot from other media - for newer systems, the install CD probably has
the recovery tools for that ("linux rescue" for example).
But let's try it the easy way first. The first thing to try is to boot to single user mode. This MIGHT not work
for you, because your system might be configured to still ask for a root password to get to single user
mode. If that's the case, we'll use another trick that replaces init with /bin/bash.
First, try single user. If you don't see either a LILO or GRUB boot screen, try hitting CTRL-X to get one. If
it's LILO, just type "linux single" and that should do it (assuming that "linux" is the lilo label). If GRUB, hit
'e", then select the "kernel" line, hit "e" again, and add " single" (or just " 1") to the end of the line. Press
ENTER, and then "b" to boot. (More modern grub uses "a" to append to the boot line)
You should get a fairly normal looking boot sequence except that it terminates a little early at a bash
prompt. If you get a "Give root password for system maintenance", this isn't going to work, so see the "init"
version below.
If you do get the prompt, the / filesystem may not be mounted rw (although "mount" may say it is). Do
mount -o remount,rw /
If that doesn't work (it might not), just type "mount" to find out where "/" is mounted. Let's say it is on
/dev/sda2. You'd then type:
root:$1$8NFmV6tr$rT.INHxDBWn1VvU5gjGzi/:12209:0:99999:7:-1:-
1:1074970543
bin:*:12187:0:99999:7:::
daemon:*:12187:0:99999:7:::
adm:*:12187:0:99999:7:::
root::12209:0:99999:7:-1:-1:1074970543
bin:*:12187:0:99999:7:::
daemon:*:12187:0:99999:7:::
adm:*:12187:0:99999:7:::
You'll need to force the write: with vi, ":wq!". (If that still doesn't work, you needed to do the -o
remount,rw, see above).
Another trick is to add "init=/bin/bash" (LILO "linux init=/bin/bash" or add it to the Grub "kernel" line). This
will dump you to a bash prompt much earlier than single user mode, and a lot less has been initialized,
mounted, etc. You'll definitely need the "-o remount,rw" here. Also note that other filesystems aren't
mounted at all, so you may need to mount them manually if you need them. Look in /etc/fstab for the
device names.
Keep this in mind if you have a Linux machine in a publically accessible place : without more protection, it's
not usually hard to recover a lost root password, which means it's just as easy for someone to CHANGE it,
or access root without your knowlege.
Another way to do this is to remove the password from /etc/shadow. Just in case you screw up, I'd copy it
somewhere safe first. You want to end up with the root line looking something like this:
# original line
root:$1$EYBTVZHP$QtjkCG768giXzPvW4HqB5/:12832:0:99999:7:::
# after editing
root::12832:0:99999:7:::
If you are having trouble with editing (you really do have to learn vi one of these days), you could just
(after making a copy, of course) just
If using something like "linux rescue" or other boot media, if the recovery disk doesn't automatically mount
your disk, you need to do it manually. This shouldn't be difficult unless you have an unusual disk controller.
For example, a Compaq raid controller will probably be /dev/ida/c0d0. Find the partitions by using fdisk
/dev/ida/c0d0 (just "p" and quit) and then mount what you need.
If all else fails, consider that you can pull this drive (or install another drive in this machine) and mount it
from another running Linux.