Friday, July 27, 2007

How to Reset the root password and GRUB password

===================================================
METHOD 1
===================================================
HOW TO RESET UR ROOT PASSWORD IF U FORGET IT
Recovery from an unknown root password
This document contains a Red Hat and SUSE example of recovering from an unknown root password.
On Red Hat
Red Hat systems do not ask for a root password when booting in single user mode. On powered off
Red Hat systems the procedure is:
1 Boot the computer
2 Use ‘e’ in the GRUB boot loader (First press in SUSE)
3 Use ‘e’ to edit the kernel boot option
4 Type ‘ 1’ at the end of the line or 'init=/bin/sh' (also in SUSE)
5 Select ‘b’ to enter single user mode
6 Use the passwd command. You now have a new root user password.
One way to prevent this simple root password recovery method, is to add a password to GRUB.
This procedure will not work on all distributions, because other systems tend to ask a root password
for entering single user mode.
Another way to recover from the unknown password is to use rescue mode (also see the following
objective).
On other systems
On powered off (SUSE) systems the procedure is:

1 Boot the computer from the install CD (or rescue diskette)

2 Choose Rescue System from the boot options. You will be the root user of the booted system
without being prompted for a password.
3 Mount the / partition of the installed system, e.g.:
o mount /dev/hda1 /mnt
4 Make the mounted (installed) system the new root (/) system and change the password of the root
user, e.g.:
o chroot /mnt passwd
You changed to the installed root system and used the passwd command to create a new password
for the root user.
The command chroot /mnt would make the change to the installed system more permanent. E.g.
you
can change /etc/fstab, /etc/inittab, /boot/grub/menu.lst (The SUSE version of the boot menu
grub.conf), which are on the installed system until you use the exit command.
If you do not use the chroot command, then you would alter the files of the rescue system and not
the
files of the installed system.
The Red Hat rescue system is similar to SUSE but uses the command chroot /mnt/sysimage
Note:
Deleting the x in the /etc/passwd file of the root entry, removes the password protection for root.
An alternative way to recover from an unknown password is:
– Using a boot CD or USB stick
– Mount the hard disk
– Remove the x
– Restart the system
– Login without a password
Think of a way to enable the password again and if you want to protect your notebook for these
actions: Use an encrypted file system (for / or your data partition).
http://wiki.novell.com/index.php/Roberts_Quick_References

While Booting ( Redhat ) just press "e" in GRUB

u will find 3 lines of code..
Goto to the 2nd line press "e"again and type "1" in the end
then press ENTER..
Then press "b" and it will boot you into your shell..
Just type "passwd" and change ur ROOT password...
dont need to know the old one..
===================================================
METHOD 2
===================================================
"I, uh, forgot the root password"

Let's look at recovering the root password from the boot loader. If you're using GRUB, then, as GRUB
loads up, highlight the Red Hat Linux entry on the GRUB menu and then press [E] to edit the boot
configuration. Locate the following line, something that looks like this:

kernel /boot/vmlinuz-2.4.20-0.70 root=LABEL=/hdc=ide-scsi

Type the number '1' at the end. Doing so boots the PC into run level 1-single user mode, where
you're automatically logged in as root. This done, type 'passwd' at the prompt. You can enter a new
password here.
===================================================
METHOD 3
===================================================
Question.
we can crack the root password and GRUB password, if there is no Grum password, from the initial
screen (i.e. from the init 1); but with the GRUB password. While reading LinuxForYou, I saw your
section and thought you may be able to help.

Answer.
To break the GRUB start-up password, follow the steps given below:

1. Boot the system with the first Linux CD. At the boot prompt, type linux rescue to switch to rescue
mode. In rescue mode you will be asked if similar steps should be followed, which need to be
followed in the installation. Once you get the # prompt, type the following command:

# chmod /mnt/sysImage

2. Edit the grub.conf file and remove the passwd line from the file. Save the file and exit.

3. Once your machine reboots, you will be able to start your Linux OS in the usual manner.
=================================================

Courtesy: ThinkDigit Forums

This guide illustrates three methods to break the grub password

===================================================
METHOD 1
===================================================
HOW TO RESET UR ROOT PASSWORD IF U FORGET IT

While Booting ( Redhat ) just press "e" in GRUB

u will find 3 lines of code..
Goto to the 2nd line press "e"again and type "1" in the end
then press ENTER..
Then press "b" and it will boot you into your shell..
Just type "passwd" and change your ROOT password...
don't need to know the old one..
===================================================
METHOD 2
===================================================
"I, uh, forgot the root password"

Let's look at recovering the root password from the boot loader. If you're using GRUB, then,
as GRUB loads up, highlight the Red Hat Linux entry on the GRUB menu and then press [E]
to edit the boot configuration. Locate the following line, something that looks like this:

kernel /boot/vmlinuz-2.4.20-0.70 root=LABEL=/hdc=ide-scsi

Type the number '1' at the end. Doing so boots the PC into run level 1-single user mode,
where you're automatically logged in as root. This done, type 'passwd' at the prompt. You can
enter a new password here.
===================================================
METHOD 3
===================================================
Question.
I am doing a project on Linux platform. Someone has added the GRUB password to the
computer on which I am working and has also changed the root password. I can crack the
root password, if there is no Grub password, from the initial screen (i.e. from the init 1); but
with the GRUB password. While reading LinuxForYou, I saw your section and thought you
may be able to help.

Answer.
To break the GRUB start-up password, follow the steps given below:

1. Boot the system with the first Linux CD. At the boot prompt, type linux rescue to switch to
rescue mode. In rescue mode you will be asked if similar steps should be followed, which
need to be followed in the installation. Once you get the # prompt, type the following
command:

# chmod /mnt/sysImage

2. Edit the grub.conf file and remove the passwd line from the file. Save the file and exit.

3. Once your machine reboots, you will be able to start your Linux OS in the usual manner.
===================================================

‹ Antivirus: Desktop protection for LinuxupCreating a virtual disk to "hide" files ›

 2 comments

by linuxprosun on Sat, 2005-09-03 04:17

hi,
after using 1st CD in rescue mode and it while finds out the linux image you have to use
# chroot /mnt/sysimage --> currently, the linux is virtual, and chroot changes the / to the
original filesystem which is currently mounted on /mnt/sysimage

wheread chmod is used to change the file permissions

bye
prosun

by vandanajha on Wed, 2012-03-21 05:56

thnxs linuxprosun. it worked & i am completely new to linux..

II Breaking/resetting the GRUB password

« on: June 18, 2005, 12:59:40 PM »

===================================================
METHOD 1
===================================================
HOW TO RESET UR ROOT PASSWORD IF U FORGET IT
While Booting ( Redhat ) just press "e" in GRUB
u will find 3 lines of code..
Goto to the 2nd line press "e"again and type "1" in the end
then press ENTER..
Then press "b" and it will boot you into your shell..
Just type "passwd" and change ur ROOT password...
dont need to know the old one..
===================================================
METHOD 2
===================================================
"I, uh, forgot the root password"

Let's look at recovering the root password from the boot loader. If you're using GRUB, then,
as GRUB loads up, highlight the Red Hat Linux entry on the GRUB menu and then press [E]
to edit the boot configuration. Locate the following line, something that looks like this:

kernel /boot/vmlinuz-2.4.20-0.70 root=LABEL=/hdc=ide-scsi

Type the number '1' at the end. Doing so boots the PC into run level 1-single user mode,
where you're automatically logged in as root. This done, type 'passwd' at the prompt. You can
enter a new password here.
===================================================
METHOD 3
===================================================
Question.
I am doing a project on Linux platform. Someone has added the GRUB password to the
computer on which I am working and has also changed the root password. I can crack the
root password, if there is no Grum password, from the initial screen (i.e. from the init 1); but
with the GRUB password. While reading LinuxForYou, I saw your section and thought you
may be able to help.

Answer.
To break the GRUB start-up password, follow the steps given below:

1. Boot the system with the first Linux CD. At the boot prompt, type linux rescue to switch to
rescue mode. In rescue mode you will be asked if similar steps should be followed, which
need to be followed in the installation. Once you get the # prompt, type the following
command:

# chmod /mnt/sysImage

2. Edit the grub.conf file and remove the passwd line from the file. Save the file and exit.

3. Once your machine reboots, you will be able to start your Linux OS in the usual manner.
===================================================

That's all folks...

 III. A few days back we looked at how to password protect your GRUB boot entries
so that a password is required before anyone can boot the operating system or edit the
boot entry.

Let’s look at some ways you can use to reset your Linux system’s password. You might
know that the root user can change the password for any other user. However what if you
forget your root password? This is what we would attempt to achieve here.

So, how to reset password in Linux?

To reset your root password (or any other account’s password for that matter), there are
essentially two different situations which require varying approaches.

When you can use GRUB

If you have GRUB installed and you have accesses to edit boot parameters of selected entries
then the job is as easy as it can get. Follow along and you shall have root access in no time.
Once you have root access you can pretty much do anything you want to do!

 Highlight the GRUB entry for the Linux installation that you want to reset the password for.
 Press ‘e’ to edit. Select the Kernel line. Add ‘single’ at the end of the kernel line. Press ‘b’ to
boot. If your system still requires you to enter the root password, add init=/bin/bash at the
end. Press ‘b’ to boot.
  Either you would be taken to the root prompt directly or shown the recovery menu from
where you can choose the root prompt. Use passwd <username> to change the password
for any account.

 Type reboot to reboot the system and then log in in with your new password.

Also, note that some distributions will create a recovery mode entry during install. If you
have the recovery mode entry listed in GRUB, you need not do any of the above, just choose
the recovery mode and then choose root prompt at the screen that follows.

When you can’t use GRUB

If you are unable to use GRUB for whatever reasons (like password protected entries) you
can still reset the password using a Live CD (I will be using Ubuntu Live CD, you may use
any other). Just follow the steps below to achieve this:

 Boot from the Live CD

 Choose “Try Ubuntu without any changes to your computer”

 When the system is ready, fire up a terminal window and get ready for some command line
action
 Type sudo fdisk -l. In the output we are concerned to know which partition Linux is installed
on and what name the hard disk is using. (e.g) in this case it is /dev/sda1 is the required
partition. If you are sure about the partition you can skip this step.

 Next we need to mount the Linux partition. Create a directory to act as mount point for the
partition. Use ‘sudo mkdir /media/linx_part‘
  Mount the linux partition using the command ‘sudo mount /dev/sda1 /media/linx_part‘

 Change Root to the mount directory – ‘sudo chroot /media/sda1‘

 Type passwd and then enter the new password to change the password.

 Type reboot to restart the system.

Have you ever attempted such a password recovery? How did you go about it? Have some
other nice tricks to show off? Let us know in the comments.