Lost root password

Place to discuss Fedora and/or Red Hat
Post Reply
Buzza24
scripter
scripter
Posts: 59
Joined: Fri Mar 14, 2003 2:01 am
Contact:

Lost root password

Post by Buzza24 » Tue Dec 02, 2008 4:31 am

I have read some articles on the net, but I wanted to get you guys opinions.

I have recently discovered that someone has changed my root password. I would hate to say it but with the recent increase of activity my web server has gotten recently i cant exclude the possibility of a cracker.

What is the easiest method I can remote change the root password?
If it isnt possible to do it remotely (over ssh), then just the easiest way I can do it locally.

Thanks.

User avatar
Void Main
Site Admin
Site Admin
Posts: 5716
Joined: Wed Jan 08, 2003 5:24 am
Location: Tuxville, USA
Contact:

Post by Void Main » Tue Dec 02, 2008 6:59 am

If your system is configured properly I shouldn't be able to tell you how to change your root password remotely without being root. The only proper way that I can think of without exploiting some unpatched root exploit or backdoor that you may have put in is if you have set your account up with root equivalence using sudo.

Changing it locally with physical access to the box is trivial. Just boot it into single user mode and change it using the passwd command. To do that all you have to do is append a "1" or the word "single" as a parameter to the kernel command line. If you are using grub you would arrow to the kernel line you want to boot on the grub boot menu and then press the "a" key (for append) where you would add the new parameter, then press ENTER to boot it. Adding that parameter at boot time will not be a permanent change, it will only effect that boot. It will take you to a root shell where you can change the password. Type "exit" to exit the shell when finished and continue the boot in the normal run level.

Buzza24
scripter
scripter
Posts: 59
Joined: Fri Mar 14, 2003 2:01 am
Contact:

Post by Buzza24 » Tue Dec 02, 2008 5:24 pm

Thanks for that.

Looks like I will be doing it locally. In the future I might be looking to setting up sudo(which i Know isn't hard), or even a backdoor.

Post Reply