Saturday, May 26, 2007

Remove the UNIX root Password

From time to time, passwords are lost or forgotten - even root's password. One way of removing the root password is to boot to single user mode from an installation cdrom. Mount the root, /, partition and blank out the encrypted password field in the shadow file. Here's an illustration.

ok boot cdrom -s

# mount /dev/dsk/c0t0d0s0 /mnt

# more /mnt/etc/shadow
root:9Zpah2q.zd.JJu:13832::::::
daemon:NP:6445::::::
bin:NP:6445::::::
sys:NP:6445::::::
adm:NP:6445::::::
lp:NP:6445::::::
uucp:NP:6445::::::
...

# vi /mnt/etc/shadow
root:BLANK THIS FIELD OUT:13832::::::
daemon:NP:6445::::::
bin:NP:6445::::::
sys:NP:6445::::::
adm:NP:6445::::::
lp:NP:6445::::::
uucp:NP:6445::::::
...
:wq!

# cd /
# umount /mnt
# reboot -- -s

Change the root password in single user mode (don't need to add "root" but I do it for clarification.
# passwd root
passwd: Changing password for root
New password:
Re-enter new password:
passwd (SYSTEM): passwd successfully changed for root

4 comments:

Dick said...

If you run passwd as root, you don't need to give the existing password before setting a new one.

So there's no need to do anything with the password file, just boot single user.

esofthub said...

How about if I don't know the root password in the first place? That's what this situation is implying.

Newbie_Admin said...

Thank you esofthub. I think this information will be useful to me in my upcoming endeavor.

Unfortunately, my root password has expired, and console login was disabled for root. It seems my only option is to follow the steps you have provided. Even more unfortunately, the SA who ran the system before me disabled the CDRom drive! Somehow I've got to figure out how to get that back online so that I can restore root's password. Any ideas?

esofthub said...

Newbie_admin,

Most SA's will move S92volmgt from its normal startup location, /etc/rc2.d. Try going to the /etc/init.d directory and manually starting up the vold

# /etc/init.d/volmgt start