[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now


Need to change root password on production server.. help!

Posted on 2007-10-17
Medium Priority
Last Modified: 2013-12-04
I'm needing to change the root password on a production IBM AIX 5L Unix server and I was hesitant to do that because I'm not sure what could happen. Is there anything I should be concerned of and keep in mind when doing this (things tied to existing root password like processes, startups, etc)? Should I maybe do a search for my password within files? What's the syntax for searching for my password within files (there are about 200GB of files to look thru so this search can probably take days wouldn't it)? Anything else I should look at?
Question by:bemara57
LVL 46

Assisted Solution

by:Kent Olsen
Kent Olsen earned 400 total points
ID: 20093162
Hi bemara57,

Unless you've got the root password embedded in scripts or applications, simply changing the password shouldn't be an issue.

And if you do have the root password embedded in scripts or applications, you should draw and quarter whoever did it.

Good Luck,
LVL 48

Expert Comment

ID: 20096607
100% agree with Kent.
LVL 16

Accepted Solution

Hanno P.S. earned 600 total points
ID: 20099885
You can search for a certain string in all files with something like

# grep "string" `find /my/dir -type f -print`

String could be either the password itself or it's encrypted string (from /etc/shadow)
Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

LVL 48

Assisted Solution

Tintin earned 400 total points
ID: 20103503
AIX doesn't use /etc/shadow.  From memory, it's a file in /etc/security
LVL 16

Expert Comment

by:Hanno P.S.
ID: 20107067
Right: It should be in /etc/security/passwd
LVL 62

Assisted Solution

gheist earned 600 total points
ID: 20112437
Run this to locate scripts with root's password embedded:
find / -type f | xargs file 2>/dev/null | grep script | awk -F: '{print $1}' | xargs grep -c "password" | grep -v :0

After that migrate dangerous scripts to sudo (from www.bullfreeware.com, or from IBM's RPM CD, or aixpdslib)

After you are done change password and listen who complains.

Please post "oslevel -r" output to make me suggest correct package for your system.

Featured Post

 The Evil-ution of Network Security Threats

What are the hacks that forever changed the security industry? To answer that question, we created an exciting new eBook that takes you on a trip through hacking history. It explores the top hacks from the 80s to 2010s, why they mattered, and how the security industry responded.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

SHARE your personal details only on a NEED to basis. Take CHARGE and SECURE your IDENTITY. How do I then PROTECT myself and stay in charge of my own Personal details (and) - MY own WAY...
Article by: btan
The intent is not to repeat what many has know about Ransomware but more to join its dots of what is it, who are the victims, why it exists, when and how we respond on infection. Lastly, sum up in a glance to share such information with more to help…
Learn several ways to interact with files and get file information from the bash shell. ls lists the contents of a directory: Using the -a flag displays hidden files: Using the -l flag formats the output in a long list: The file command gives us mor…
In a previous video, we went over how to export a DynamoDB table into Amazon S3.  In this video, we show how to load the export from S3 into a DynamoDB table.
Suggested Courses
Course of the Month20 days, left to enroll

873 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question