Difference between revisions of "Lost Password"

Latest revision as of 13:45, 9 May 2014

This page has been migrated to a document on Free Geek's Google Drive.

Information remaining behind may no longer be relevant.

MIGRATOR:

When you have tagged this page as migrated,
please add a link to the new document on Google Drive.

(Link to new page immediately below.)

The following applies to most linux boxen. It can be used to recover a lost password and is also called "rooting" the box.

Booting into Single User Mode with GRUB

Ubuntu 10.04

Note that after performing step 1 you have a limited time to perform step 2, so please read the instructions fully before beginning the process.

Power on the computer (shut it down first or simply reboot if it is already running).
When the BIOS information or manufacturer's logo "splash" screen appears start holding down the right shift key. If your computer does not usually display BIOS information or a manufacturer's logo you may need to start holding down the shift key immediately after pressing the power button.
After a few seconds you will see the GRUB menu, which is characterized by a lines that will say ...kernel 3.2.... If the system continues to boot normally and arrives at the regular login screen or desktop you will need to restart and try again. If you are repeatedly failing to reach the GRUB menu try quickly and repeatedly tapping the shift key until the menu appears instead of just holding it down.
Hit the down arrow key (usually only once) until it arrives on the first line that ends with recovery mode and press enter.
Select "Root" from the recovery mode menu that appears to enter a shell environment with root privileges.
You should now see a prompt at the bottom of the screen that reads

  root@freekbox:~#

Proceed to "Resetting the Password" section of this page.

Xubuntu 12.04

Note that after performing step 1 you have a limited time to perform step 2, so please read the instructions fully before beginning the process.

Power on the computer (shut it down first or simply reboot if it is already running).
When the BIOS information or manufacturer's logo "splash" screen appears start holding down the right shift key. If your computer does not usually display BIOS information or a manufacturer's logo you may need to start holding down the shift key immediately after pressing the power button.
After a few seconds you will see the GRUB menu, which is characterized by a lines that will say ...kernel 3.2.... If the system continues to boot normally and arrives at the regular login screen or desktop you will need to restart and try again. If you are repeatedly failing to reach the GRUB menu try quickly and repeatedly tapping the shift key until the menu appears instead of just holding it down.
Hit the down arrow key (usually only once) until it arrives on the first line that ends with recovery mode and press enter.
Select "Root" from the recovery mode menu that appears to enter a shell environment with root privileges. Note that until further steps are completed your file system will be in "read only" mode and you will not be able to make any persistent changes to the system.
You should now see a prompt at the bottom of the screen that reads

  root@freekbox:~#

To mount the file system in read/write mode, type in the following command at the prompt;

  mount -o remount,rw /

Resetting the Password

To reset your password you need to be able to specify the username for which the password is to be changed. Note that the name displayed on your login screen may not be the same as your formal username, instead being a "friendly" name that you provided at some point. For example, if your name on the login screen reads something like "John Doe" then that is almost certainly the "friendly" name, while your formal username is likely to be something more like "jdoe".

If you're unsure what the exact username you need to add is, type the following command:

  cat /etc/passwd

A large list will appear, containing lines such as

  root:x:0:0:root:/root:/bin/bash
  bin:x:1:1:bin:/bin:/bin/false
  jsmith:x:1000:100:John Smith:/home/jsmith:/bin/bash

In that example the first two lines are system accounts, but the third line is a user account that could be granted sudo access, with the first word of it (jsmith) being the correct username. User accounts can be distinguished by the number after the second ":" being 1000 or greater, and they will usually be towards the bottom of the list. If the list is particularly long and you don't see anything that fits the criteria (often the case when the Guest account has been used a lot) you may need to scroll up the list by pressing Shift+PageUp. Press PageDown to return to the command prompt below the list.

Once you have identified your username, enter the following command with your specific username substituted:

 passwd yourusername

You will be prompted to enter a new password, then to enter the password a second time to confirm nothing was mistyped.

Once you've updated your password you can restart the system by entering the command

reboot

After a few seconds your system will reboot. The recovery menu may display again briefly before the computer restarts but will continue to reboot without any input. If you are presented with the GRUB menu again while rebooting then simply press the Enter key to select the first item on the menu and normal startup will continue.

Temporary Password Change

Use a temporary password change to gain access to a specific user account for troubleshooting without permanently changing or removing the user's password.

Follow instructions above for Lost_Password#Booting_into_Single_User_Mode_with_GRUB to reach the root prompt in recovery mode, but do not reset the password yet.

Enter the following command, substituting today's date (in a numeric format such as 20140128) for 'DATE'.

cp /etc/shadow /etc/shadow.bak.DATE

This creates a backup copy of the shadow file, which contains all user passwords in an encrypted format, for later restoration. The .bak.DATE are just to remind you that it's a backup created on that date.

Continue following the password reset instructions at Lost_Password#Booting_into_Single_User_Mode_with_GRUB to set a new password for the account you need to access.

With the changed password you should now be able to complete whatever troubleshooting tasks are necessary.

Once you are ready to restore the user's password you will need to reach the root prompt in recovery mode as previously instructed, then run the following command, substituting the previously entered date for 'DATE':

cp /etc/shadow.bak.DATE /etc/shadow

Verify the backup shadow file was restored correctly by running the command

ls -la /etc/shadow

Compare the output of that command to this:

-rw-r----- 1 root shadow 1939 Oct 24 15:39 /etc/shadow

Most of that information will vary from the example and can be disregarded, but make sure that the section that reads "root shadow" is correct, as that indicates which user and group owns the file and must be correct to be able to log in to the system normally. If that section reads something other than "root shadow" then run the following command:

chown root:shadow /etc/shadow

Re-run the ls -la /etc/shadow command and verify that the output now matches.

You should now be able to reboot the system and the user's password will be restored to whatever it was when the backup was created.

Live CD method

If the box does not use grub to boot, one can boot the box using a live cd or a System Rescue CD (download one here), then login as root (not necessary with System rescue CD) and proceed by entering the following commands one by one (hit enter after each line).

mount /dev/sda1 /mnt
chroot /mnt
passwd username    (replace username with the username you're trying to reset, or "oem" if it has not been changed.
sync
reboot

To find your username you can use ls /home

Reset root password

start the computer booting up
After a few (or 10 or 20) seconds you will see a screen that says... Grub Loading...3..2..1.
During this screen, quickly press Esc, to go to the grub menu
Next you will see several lines that start with Ubuntu, kernel 2.6..., this is the GRUB menu.
Select the first line in the list and press 'e'
You should see something along the lines of

root   (hd0,0)
kernel /boot/vmlinuz-2.6.24-27-generic root=UUID=3deb56... ro quiet splash
initrd /boot/initrd.imb-2.6.24-27-generic
quiet

Select the second line and press 'e' again.
Remove 'ro quiet splash' from the end of the line and add 'rw init=/bin/bash'. Hit enter.
Press 'b'. The box will now boot up and you will get a prompt that says 'root@(none):/#'
At the prompt enter

/usr/sbin/usermod -p '!' root

Restart the computer.

Reset Root password CD version

This method involves editing /etc/shadow by hand to get rid of the password.

start the computer and insert the system rescue CD for the password reset.
mount the directory by typing mount /dev/sda1 /mnt
edit /mnt/etc/shadow with vi
remove everything between the first and second colons (:) and replace it with ! (exclaimation mark)
reboot the tower and remove the system rescue cd

@@ Line 1: / Line 1: @@
+{{Migrated}}
+[https://docs.google.com/document/d/1BoeY2M321pI5HwZhBxd7Ny032MQvpYaNviInjHlGSm0/edit?usp=sharing]
 The following applies to most linux boxen.  It can be used to recover a lost password and is also called "rooting" the box.
@@ Line 17: / Line 21: @@
 Proceed to "Resetting the Password" section of this page.
-===Ubuntu 12.04 ===
+===Xubuntu 12.04 ===
 ''Note that after performing step 1 you have a limited time to perform step 2, so please read the instructions fully before beginning the process.''
 #Power on the computer (shut it down first or simply reboot if it is already running).
@@ Line 34: / Line 38: @@
 ===Resetting the Password===
+To reset your password you need to be able to specify the username for which the password is to be changed. Note that the name displayed on your login screen may not be the same as your formal username, instead being a "friendly" name that you provided at some point. For example, if your name on the login screen reads something like "John Doe" then that is almost certainly the "friendly" name, while your formal username is likely to be something more like "jdoe".
+If you're unsure what the exact username you need to add is, type the following command:
+   cat /etc/passwd
+A large list will appear, containing lines such as
+   root:x:0:0:root:/root:/bin/bash
+   bin:x:1:1:bin:/bin:/bin/false
+   jsmith:x:1000:100:John Smith:/home/jsmith:/bin/bash
+In that example the first two lines are system accounts, but the third line is a user account that could be granted sudo access, with the first word of it (jsmith) being the correct username. User accounts can be distinguished by the number after the second ":" being 1000 or greater, and they will usually be towards the bottom of the list. If the list is particularly long and you don't see anything that fits the criteria (often the case when the Guest account has been used a lot) you may need to scroll up the list by pressing Shift+PageUp. Press PageDown to return to the command prompt below the list.
+Once you have identified your username, enter the following command with your specific username substituted:
+  passwd yourusername
+You will be prompted to enter a new password, then to enter the password a second time to confirm nothing was mistyped.
-#At the root prompt, enter
+Once you've updated your password you can restart the system by entering the command
-  passwd yourusername
+ reboot
-replace 'yourusername' with the username you're trying to reset, or 'oem' if it has not been changed
-If you are unsure of the users name, enter the following command;
+After a few seconds your system will reboot. The recovery menu may display again briefly before the computer restarts but will continue to reboot without any input. If you are presented with the GRUB menu again while rebooting then simply press the Enter key to select the first item on the menu and normal startup will continue.
-  ls /home
-This will show all the users that have a folder in the /home directory. The names listed here are the user names.
-#It will request that you enter a new password, and then once more to confirm. The screen will not show input as you are typing.
-#Once the new password has been entered correctly, you will receive a message indicating that; '''passwd: password updated successfully''' Please take note of the password and store it in a safe place.
-#type reboot to restart the computer.
+==Temporary Password Change==
-# Alternatively type startx  and you will be put in a graphical environment where you can use the normal tools.
+Use a temporary password change to gain access to a specific user account for troubleshooting without permanently changing or removing the user's password.
-==Shadow Folder Method==
+Follow instructions above for [[Lost_Password#Booting_into_Single_User_Mode_with_GRUB]] to reach the root prompt in recovery mode, but do not reset the password yet.
-There are two methods to do this.  One which will create a one-time use password for their account which then blanks the password on subsequent logins, and another which will permanently reset their password until you reset it.  If the Shorter Way doesn't work, use the Longer Way.  Remember to reset their password when you are done!
-Also note that if they have a Root Password set you will need to use the [[#Live CD Method]] to reset it.
+Enter the following command, substituting today's date (in a numeric format such as 20140128) for 'DATE'.
+ cp /etc/shadow /etc/shadow.bak.DATE
+This creates a backup copy of the shadow file, which contains all user passwords in an encrypted format, for later restoration. The <code>.bak.DATE</code> are just to remind you that it's a backup created on that date.
-===The Shorter Way===
+Continue following the password reset instructions at [[Lost_Password#Booting_into_Single_User_Mode_with_GRUB]] to set a new password for the account you need to access.
-This method temporarily replaces the /etc/shadow directory and allows you to reset their password so you can login.
-#Login via Terminal (alt-ctrl-F2 from GUI login, OR drop into Root Shell via Recovery Mode).
-#Run :
- cp /etc/shadow /etc/shadow.bak.(ISO DATE)
-This copies the contents of the Shadow directory to a new directory for backup later.  .bak simply reminds you it's a backup, and the ISO Format preserves the date.  ISO = Year Month Day.  September 24th, 2011 = 20110924.
-#Run :
- passwd (username) -e
-This will reset the password of the defined username.  The "-e" modifier will expire the defined password after one use.  This will result in there being NO password for that account after the defined password expires.  Note that this must be run as root. If you have not logged in via root shell you will need to use this code instead :
- sudo passwd (username) -e
-#Set their password to "freegeek".
-#Reboot.  Their password should have successfully been reset.  If you still want to confirm their password has been reset, please follow [[#Restoring Their Old Shadow Directory]].
-===The Longer Way===
+With the changed password you should now be able to complete whatever troubleshooting tasks are necessary.
-This method temporarily replaces the /etc/shadow directory and allows you to reset their password so you can login.
+Once you are ready to restore the user's password you will need to reach the root prompt in recovery mode as previously instructed, then run the following command, substituting the previously entered date for 'DATE':
+ cp /etc/shadow.bak.DATE /etc/shadow
-#Login via Terminal (alt-ctrl-F2 from GUI login, OR drop into Root Shell via Recovery Mode).
+Verify the backup shadow file was restored correctly by running the command
-#Run :
+  ls -la /etc/shadow
-  cp /etc/shadow /etc/shadow.bak.(ISO DATE)
+Compare the output of that command to this:
-This copies the contents of the Shadow directory to a new directory for backup later.  .bak simply reminds you it's a backup, and the ISO Format preserves the date.  ISO = Year Month Day.  September 24th, 2011 = 20110924.
+  -rw-r----- 1 root shadow 1939 Oct 24 15:39 /etc/shadow
-#Run :
+Most of that information will vary from the example and can be disregarded, but make sure that the section that reads "<code>root shadow</code>" is correct, as that indicates which user and group owns the file and must be correct to be able to log in to the system normally. If that section reads something other than "<code>root shadow</code>" then run the following command:
-  passwd (username)
+  chown root:shadow /etc/shadow
-This will prompt for a new password for the designated user name (you can determine their user name from the "whoami" command).
+Re-run the <code>ls -la /etc/shadow</code> command and verify that the output now matches.
-#Set their password to "freegeek".
-#Reboot.  Their password should have successfully been reset.  You still must reset their password! [[#Restoring Their Old Shadow Directory]].
-===Restoring Their Old Shadow Directory===
+You should now be able to reboot the system and the user's password will be restored to whatever it was when the backup was created.
-#Login via Terminal (alt-ctrl-F2 from GUI login, OR drop into Root Shell via Recovery Mode).
-#Run :
- cp /etc/shadow.bak.[ISO DATE] /etc/shadow
-This copies the contents of the backed up Shadow directory to the current Shadow Directory.  You may need to verify the correct name of the backup by looking in the /etc directory.
-#Reboot
 ==Live CD method==
@@ Line 98: / Line 96: @@
 To find your username you can use <code>ls /home</code>
-==For Macs==
-For Mac computers at the yaboot prompt enter:
- Linux rw init=/bin/bash
-Once you get to the # prompt you will need to reset the terminal
- reset
-Now check the username
- ls /home
-and reset the users password
- passwd usernamehere
 ==Reset root password==