22/10: Linux Compromised With 'root' Password Recovery?

I have been dabbling into Texas Instruments' Da Vinci DM6467 Digital Video Processing kits recently and consider myself a relative Linux n0ob, relative being the key word. :)

I used Red Hat 9 as the host workstation for booting the kits over NFS (Network File System). I had come back to working on it after a couple days and had forgotten 'root's' password I had set when I installed Red Hat 9 on the host system.

I looked around on the internet and found a solution to reset the password for user 'root'.

The procedure is relatively simple. Basically, when booting the workstation, the bootloader (GRUB - GRand Unified Bootloader) allows you time for selecting your operating system. On that screen, follow the following steps:

1 - Highlight/select the distro (Red Hat Linux) using the arrow keys.

2 - Press 'e' to edit the boot parameters for the distro.

3 - You will see some entries like the following ones:

root (hd0,0)
kernel /vmlinuz-2.4.20-8 ro root=LABEL=/
initrd /initrd-2.4.20-8.img

3 - Highlight/select the line for the Kernel parameters. In the above example, it is the second line which is in bold. Press 'e' when you have selected it.

4 - Add 'single at the end of the line. Don't forget to put a space between the last character and 'single'. Example:

kernel /vmlinuz-2.4.20-8 ro root=LABEL=/ single

5 - Press 'Enter' or 'Return' key for saving the changes and then 'b' for booting.

6 - Once the system boots and you arrive at the command line interface, use the passwd command to change the root password as below:

passwd root

7 - Follow the instructions to enter new password twice.

8 - Once done, type 'reboot' or 'exit' to boot again. The new password you set will now work.

When I first reset the password, I realized that this method being so easy, anyone can hack into the system if he/she has physical access to it. While there may be other ways to secure the system against this simple hack, the one that comes immediately to mind is to set a password for the boot loader (GRUB in this case) so that the kernel boot parameters cannot be altered to force booting in single user mode. Of course, this works mostly on default installations where appropriate steps haven't been taken to secure the system.

Regardless of this method being so easy, I am thankful for it because I didn't have to reinstall Red Hat 9 on that system and consequently lose my data. It seems you learn something new with Linux everyday. :)
Asad  Computers 
Karma: 783 [Add to karma] 

Comments made

This blog is very informative and thanks for the updates and the blog colour and desiging is very beautiful after seeing this u must be a creative man.
I am from Maldives and know bad English, give true I wrote the following sentence: ""

THX :o, Atara.
28/03 00:19:16
hi i want password for alam/alam2
please send me
09/06 02:51:21

Add comment


Allowed BBCode:[b] [i] [u] [color=] [size=] [quote] [code] [email] [img]

Comments must be approved before being published.


Copyright 2006-2013 Asad Asif - All rights reserved unless otherwise noted.

CSS | XHTML 1.0 Strict | RSS