root pw not recognized

Red Knuckles · 02-23-2006, 02:37 PM

Quote:

Originally Posted by Red Knuckles

Ok, the files are edited. but I haven't figured out how to use my boot screen to log in as root. It is a Suse screen that lists:

Suse 10.0
Ubuntu
Suse 10.0 Failsafe
Memtest

With F-1 for Help and F-2 for Boot Options. I let it go to Suse 10.0 and press F-2 and type in 'root /dev/hda2' but that doesn't do it. Then when I get to the Suse login screen there don't appear to be any options which is odd as I have created 3 user accounts.

I went back to the login screen which is where you would login as root if you could. There really aren't any options there probably because it is set to auto login. When I get into Suse I still can't get root access. I either get error from gui:

Error-KDE su
su returned with error

or from terminal error:

xxxxxx@zzzzzz:~> su
su: incorrect password

I guess the question now is how can I login as root??? So I can set a root PW???

jomen · 02-23-2006, 03:13 PM

Quote:

Suse 10.0
Ubuntu
Suse 10.0 Failsafe
Memtest

By "login-screen" you really mean the menu you get when you boot the machine I suppose - the boot-loader (grub) menu...
just select suse and "return" - if you edited the files correctly...
no boot options - since you did not need them before

you do not select on the boot-screen if you want to login as root
There may be an option to boot into single user mode - this is what pljvaldez was referring to - but it did not work because you where still asked for a password of course...

I looked at the guide mentioned above - there was this in it:

Quote:

root:$s0m3fR1g9InMD5h45H:<numbers>:<more numbers>::::

Delete all values (the stuff between the columns) so that you get a line like this ...

root::::::::

it could be misundersood...
it looks a bit different on my system...

the important thing is:
-the values in these files (in both /etc/passwd and /etc/shadow) are separated by columns ( : )
-the password is represented by the very first of these values - so if you delete the values between the first and the second columns (not the columns itself - mind you!) the password virtually does not exist anymore

Next time you log in you might still be asked for a password - sorry for not verifying this at my machine

- you just give none - just press "return"
There you are as root - and the first thing to do would be to run:
passwd root
to set a new one
BTW: you do not have to chroot to do this - you can edit the files as soon as the partition is mounted (as root - from whatever rescue system you do it...)

pljvaldez · 02-23-2006, 03:16 PM

Okay, just to clarify. You did the chroot thing and reset the password to nothing.

Now you can get to the graphical login screen. Is that right? Or you don't get any graphical login screen?

Either way, press Alt+F2 and you should get a console login:

Code:

Suse 10.0 machinename tty2
machinename login:

Or something similar. For login, type root and for password hit enter (i.e. leave it blank).

This should let you be logged in as root. Then passwd root to set a new password.

Red Knuckles · 02-23-2006, 05:06 PM

Quote:

Originally Posted by pljvaldez

Okay, just to clarify. You did the chroot thing and reset the password to nothing.

Now you can get to the graphical login screen. Is that right? Or you don't get any graphical login screen?

Either way, press Alt+F2 and you should get a console login:

Code:

Suse 10.0 machinename tty2
machinename login:

Or something similar. For login, type root and for password hit enter (i.e. leave it blank).

This should let you be logged in as root. Then passwd root to set a new password.

Yes, I can get to the graphical login screen. Alt+F2 doesn't do anything. Why??? However pointing mouse to sessions gives me several options including 'console login' which I select. It then gives the line something like:
Suse 10.0 [i586] kernel2.6.13-15.8-default [tty1]
linux login:

I type in root and it responds "incorrect login". Note it does not ask for my password. Why??? At any rate that's where I'm at now. I do greatly appreciate your patience.

pljvaldez · 02-23-2006, 05:09 PM

Hmmm. Looks like you may have disabled root login... Let me google a bit to see how to re-enable it...

pljvaldez · 02-23-2006, 05:12 PM

Okay, login however you login and lets look at the file /etc/securetty. Tell me what is in it...

Red Knuckles · 02-23-2006, 05:17 PM

Quote:

Originally Posted by jomen

By "login-screen" you really mean the menu you get when you boot the machine I suppose - the boot-loader (grub) menu...
just select suse and "return" - if you edited the files correctly...
no boot options - since you did not need them before

you do not select on the boot-screen if you want to login as root
There may be an option to boot into single user mode - this is what pljvaldez was referring to - but it did not work because you where still asked for a password of course...

I looked at the guide mentioned above - there was this in it:

it could be misundersood...
it looks a bit different on my system...

the important thing is:
-the values in these files (in both /etc/passwd and /etc/shadow) are separated by columns ( : )
-the password is represented by the very first of these values - so if you delete the values between the first and the second columns (not the columns itself - mind you!) the password virtually does not exist anymore

Next time you log in you might still be asked for a password - sorry for not verifying this at my machine

- you just give none - just press "return"
There you are as root - and the first thing to do would be to run:
passwd root
to set a new one
BTW: you do not have to chroot to do this - you can edit the files as soon as the partition is mounted (as root - from whatever rescue system you do it...)

The login screen is where I select which user [of 3 in this case] to log into Suse. Note all 3 users are me this is a 1 person box in a 1 person house so my security concerns would be from the 'net not any physical presence. Sorry for the garbled language, I just didn't state my case well. The problem now seems to be that I HAVE edited the files in /etc/passwd [To remove the x ONLY] and /etc/shadow to remove the values ONLY {leaving root::::::, not sure exactly how many :]. Now when I try to log in as root [to set new PW] I get "incorrect login". It DOES NOT ask for password which may be the problem???

pljvaldez · 02-23-2006, 05:21 PM

Did you figure out what is in /etc/securetty?

Anyway, you should put in the following

Code:

console

ttyS0

tty1
tty2
tty3
tty4
tty5
tty6
tty7
tty8

pljvaldez · 02-23-2006, 05:29 PM

Also, make sure in /etc/passwd that the root line which you deleted the "x" from also has /bin/bash at the end.

jomen · 02-23-2006, 05:36 PM

ok. it is the display-manager you are talking about then - no going to single user from there...(without being root that is)
it is ALT+CTRL+Number_between_1_and_6 to get to a console from the display-manager shown by default.
Can't you login as a normal user - and then change the password for root in a terminal you open then?
/etc/securetty - check this!
and you might tell what command and where (in X or on Console) you tried.

Red Knuckles · 02-23-2006, 05:49 PM

"Did you figure out what is in /etc/securetty?"

On my box /etc security is a directory:

xxxxxx@zzzzzz:/etc/security> ls
access.conf fileshare.conf limits.conf pam_pwcheck.conf time.conf
chroot.conf group.conf pam_env.conf pam_unix2.conf

pljvaldez · 02-23-2006, 05:51 PM

It's not security, it's /etc/securetty.

Red Knuckles · 02-23-2006, 05:55 PM

Quote:

Originally Posted by jomen

ok. it is the display-manager you are talking about then - no going to single user from there...(without being root that is)
it is ALT+CTRL+Number_between_1_and_6 to get to a console from the display-manager shown by default.
Can't you login as a normal user - and then change the password for root in a terminal you open then?
/etc/securetty - check this!
and you might tell what command and where (in X or on Console) you tried.

I can log into Suse as regular user and use anything unless it requires root PW. To change root PW requires root access. When in terminal I try to go to su or su - I get:

ben@linux:~> su
su: incorrect password

Note, it does not ASK for PW it just says "incorrect password".

Red Knuckles · 02-23-2006, 05:58 PM

Quote:

Originally Posted by pljvaldez

It's not security, it's /etc/securetty.

Sorry, my noob mistake. Here it is:

#
# This file contains the device names of tty lines (one per line,
# without leading /dev/) on which root is allowed to login.
#
tty1
tty2
tty3
tty4
tty5
tty6
# for devfs:
vc/1
vc/2
vc/3
vc/4
vc/5
vc/6

pljvaldez · 02-23-2006, 06:01 PM

Okay now what does the line for root look like from /etc/passwd?