so what happens if u forget ur root password?

statik213

Golden Member
Oct 31, 2004
1,654
0
0
forgot the root pwd on one machine for yesterday, it eventualy came back to me... but what do you do if u forget it?
 

Nothinman

Elite Member
Sep 14, 2001
30,672
0
0
so it's that easy? kinda scary....

Which explains why physical security is so important.

And actually, if you can edit the bootloader easily (i.e. you're using grub) you can pass the kernel the parameter 'init=/bin/bash' and instead of starting init which starts the normal bootup process you'll be given a root shell and can change the root password from there. You might have to remount the filesystem read-write with 'mount -o remount,rw /' depending on how the box is setup, but that's it.
 

stash

Diamond Member
Jun 22, 2000
5,468
0
0
It's just as easy for Windows as long as you don't use NTFS encryption, but if you do use encryption and forget your password your data is gone forever

I assume you mean encrypting a text file with the password in it, rather than encrypting the SAM database...?
 

n0cmonkey

Elite Member
Jun 10, 2001
42,936
1
0
Originally posted by: STaSh
It's just as easy for Windows as long as you don't use NTFS encryption, but if you do use encryption and forget your password your data is gone forever

I assume you mean encrypting a text file with the password in it, rather than encrypting the SAM database...?

I think he means that if you use EFS your data will be inaccessible in a useful manner if you use password recovery tools. Or something.
 

Nothinman

Elite Member
Sep 14, 2001
30,672
0
0

If you have sudo restricted that won't work. You would have to have it setup with an account allowed to run passwd for any account or any command at all.
 

n0cmonkey

Elite Member
Jun 10, 2001
42,936
1
0
Originally posted by: Nothinman

If you have sudo restricted that won't work. You would have to have it setup with an account allowed to run passwd for any account or any command at all.

Yeah, but I don't have it restricted very well, and the title asked me how I'd do it. ;)
 

DidlySquat

Banned
Jun 30, 2005
903
0
0
Originally posted by: Nothinman
so it's that easy? kinda scary....

Which explains why physical security is so important.

And actually, if you can edit the bootloader easily (i.e. you're using grub) you can pass the kernel the parameter 'init=/bin/bash' and instead of starting init which starts the normal bootup process you'll be given a root shell and can change the root password from there. You might have to remount the filesystem read-write with 'mount -o remount,rw /' depending on how the box is setup, but that's it.

it's easier to boot knoppix cd and chroot or edit the passworfd files directly.
 

CTho9305

Elite Member
Jul 26, 2000
9,214
1
81
Originally posted by: n0cmonkey
Originally posted by: STaSh
It's just as easy for Windows as long as you don't use NTFS encryption, but if you do use encryption and forget your password your data is gone forever

I assume you mean encrypting a text file with the password in it, rather than encrypting the SAM database...?

I think he means that if you use EFS your data will be inaccessible in a useful manner if you use password recovery tools. Or something.

Correct.
 

Nothinman

Elite Member
Sep 14, 2001
30,672
0
0
it's easier to boot knoppix cd and chroot or edit the passworfd files directly.

Hardly. How do you imagine that booting with 'init=/bin/bash' and then typing 'passwd' is more difficult?
 

Zugzwang152

Lifer
Oct 30, 2001
12,134
1
0
Originally posted by: n0cmonkey
Originally posted by: STaSh
It's just as easy for Windows as long as you don't use NTFS encryption, but if you do use encryption and forget your password your data is gone forever

I assume you mean encrypting a text file with the password in it, rather than encrypting the SAM database...?

I think he means that if you use EFS your data will be inaccessible in a useful manner if you use password recovery tools. Or something.

unless you remember the original password that was used to set the encryption, your files are lost forever, even if you regian access to the system by resetting the password.
 

stash

Diamond Member
Jun 22, 2000
5,468
0
0
unless you remember the original password that was used to set the encryption, your files are lost forever, even if you regian access to the system by resetting the password.

Yes I see now, this is true. However, words like 'forever' and 'never' don't have a place in crypto, unless you're talking about one-time pads. It would take an extraordinarily long time to brute force 256-bit AES encrypted ciphertext, but it is not impossible. And it is not unreasonable to assume that Rijndael will be broken, because of it's fairly simple mathemetical structure and because there is a somewhat small margin between the number of rounds in the spec and the number of rounds in successful attacks to date.