Peter Mac

Recovering the root password

A client who shall remain nameless recently required the installation of some spam filtering software (spamassassin) on their linux mail server. Not a problem I thought. “All I need is root access” I said. “Huh” he said. Turns out the their system administrator of 5 years had left to go travelling around Europe and no-one could remember where he left the folder with all the system documentation.  No root password, no history of what was installed when, no history of custom configuration changes. Nichts, Nada!

Question: How to get root access to a machine without the root password.

1. Reboot and select the grub ‘recovery’ option – you can get to this from the boot menu or if you have a linux box with a single boot option, hold down the shift key during boot (occasionally the escape key works – watch the messages during the boot sequence).

2. The next screen to display will present you with a couple of sub-options. You need to select the ‘Drop to root shell prompt’.

3. You should now be presented with a prompt sign. Now’s your chance to reset the password for the appropriate user. Enter passwd [username] where [username] is the name of the …you get the drift.

4. Next enter the new password and buy a 15ft billboard ad to display across the road from your client’s site. Of course the ad will display the encrypted version of the password:)