5 Years
Discussion Span
Last Post by mike_2000_17

Boot with a live cd/dvd/usb drive, mount the root file system on the hard drive to some local mount point such as /mnt/sysroot (you will have to create the directory first), then you can, as root in the live system, edit the /etc/shadow file to remove the password for the user account, then edit the /etc/sudoers file to allow that user to sudo to root. Reboot to the hard drive, login as the user, sudo su - to get to root, and then change root's password.

I know, your eyes are rolling around the back of your head about now, right? :-) So, here are the steps above in a list:

  1. Boot from a live cd/dvd/usb drive
  2. Login to the system as root
  3. Create a mount point for the system drive: mkdir /mnt/sysroot
  4. Mount the system root file system on the new mount point. For Red Hat / Fedora systems, this is usually /dev/sda3, but it may not be. You can see what the system partitions are with the command "fdisk -l /dev/sda". Assuming it is /dev/sda3, do this: mount /dev/sda3 /mnt/sysroot
  5. Edit /mnt/sysroot/etc/shadow with vi and find the user account. If the user's name is jones, then find the line that starts with "jones:" and delete the long bit of gobledygook that follows up to the next colon ':', leaving the rest of the line alone.
  6. Save the file and exit vi.
  7. Edit /mnt/sysroot/etc/sudoers and add this line (assuming that 'jones' is the user account): jones ALL=(ALL) NOPASSWD: ALL
  8. Save and quit from the sudoers file.
  9. Reboot the system from the hard drive.
  10. Login as the user (jones).
  11. Open a console window.
  12. Switch to root with the command: sudo su -
  13. As root, run the passwd command and change the root account's password to something you want.
  14. Exit from root back to jones.
  15. Change jones' password also with the passwd command.
  16. Logout and see if you can log back in as root or jones using the appropriate passwords.

All of this proves one thing, that if you have physical access to a system, and it is not using some sort of full-disc encryption, you can do anything you want. :-)


I'm only noob-intermediate when it comes to linux but wouln't you also need to go back into the /etc/sudoers and change jones to jones ALL=(ALL) ALL
so that jones cannot just login to root with out a password?

After you have changed both the root and user (jones) passwords of course.


Another simpler solution that doesn't involve a live CD and all this fiddling with the system files is to simply boot into single-user mode. I had this happen to be a couple of times, grabbing a dusty old Linux box that noone had the password for, booting into single-user mode and just resetting the password with passwd command takes about 5 minutes at most.

Edited by mike_2000_17

This topic has been dead for over six months. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.