lyncks asked:

How can I change the root password on Linux without knowing it but being logged in as root?

Hello,

How can I change the root password on Linux without knowing it but being logged in as root?
What I did:

system# passwd root
Changing password for root.
Enter login(LDAP) password: "currentpassword"
New Password: "rootroot DELTE CTRL+C I don't know what I did"
Bad password: too short
Reenter New Password: CTRL+C ENTER
LDAP password information changed for root

Now the problem is I don't know the root password but I can connect as root on another server and then ssh to this.
A little help please!
Thank you!
ASKER CERTIFIED SOLUTION by farzanj
This solution is only available to members.

You have to log on to the LDAP server where you should have /etc/slapd.conf or you can also look for /etc/ldap.conf file.  It depends upon the type of LDAP server you have.

Is it a physical server, or virtual? Easy option is to access the console and boot in single user mode.

@celazkon

Are you sure going to single user mode would change the LDAP password for root?  How would it help if LDAP is not even connected?

The asker is asking about changing the root password given that he doesn't have the existing password.  He already has the root prompt which is what you would get going to single user mode.  But to change the LDAP password, he should come the LDAP route, IMHO.

Can you boot to single user mode or otherwise use an alternate boot and mount the partition that contains /etc?

If you can do that, I'd make backup copies of /etc/shadow and /etc/passwd and then clear out the password fields.

If you are logged in as root, then just passwd will do.

If you don't log in as root, but have sudo rights, then sudo su - will get you logged in as root, THEN you can run passwd.

One of the peculiarities of account 0 is that it doesn't ask for the old password in passwd, even if it's changing the password for root.

I think what everyone is ignoring is the fact that the root password is also stored in LDAP.  Whenever I implemented LDAP, I kept root an exception but some people centralize that as well.

With LDAP you cannot change even the root password without knowing the current password, even if you are root.

@farzanj

You're right, I didn't realize that the user needs to change the centrally managed root account's password. My suggestion is of course valid only for local root.

Thanks Celazkon

I still believe the right way is to access through the config files of the LDAP server.  It frequently contains the server password and with that you should be able to change the root password in LDAP.

lyncks (ASKER)

Hello,
Sorry for the delayed answer, being afk but working. The problem was solved that day without seeing your responses, with support's help :( but after many cruel hours. The main problem was that passwd didn't take CTRL+C into consideration (the system is running a modified Linux).
Below is the procedure applied:
 
2. As root user, edit file /etc/openldap/slapd.conf:

> vi /etc/openldap/slapd.conf

Remove the comment from the beginning of line 76: rootpw "password"

Save the file.

3. Find the slapd process and kill it:

> ps -ef | grep slapd

> kill <found process id>


Note: The slapd process restarts immediately, it can be checked with a repeated "ps -ef | grep slapd".

 

4. You can now change the LDAP password of the root user using the password from the slapd.conf file (in step 2):

> passwd --cluster root

Changing cluster password for "root".

New password: <enter a new password>

Re-enter new password: <re-enter the new password>

Enter LDAP Password: <enter here the rootpw password from the /etc/openldap/slapd.conf file>

Cluster password of "root" has been changed.

5. Edit the /etc/openldap/slapd.conf, and comment out the line 76:

# rootpw "password"

Save the file.
6. Find the slapd process and kill it:

> ps -ef | grep slapd

> kill <found process id>
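
A check to run after steps 5 and 6, as an added example that is not part of the original post: it confirms that no active rootpw line remains in slapd.conf and that the file is not world-readable. The function name and return codes are assumptions; the path in the usage comment is the one given in the post.

```shell
#!/bin/sh
# Added example (not from the original post): audit an OpenLDAP slapd.conf
# after the temporary rootpw procedure has been completed.
# Usage: audit_slapd_conf /etc/openldap/slapd.conf
# Returns 0 = clean, 1 = findings, 2 = file unreadable.
# The rootpw value itself is never printed.
audit_slapd_conf() {
    conf=$1
    if [ ! -r "$conf" ]; then
        echo "ERROR: cannot read $conf"
        return 2
    fi
    # A directive is active only when it starts in column 0: lines starting
    # with '#' are comments, and lines starting with whitespace continue the
    # previous line instead of starting a new directive.
    rootpw=$(awk '
        /^rootpw[ \t]/ {
            val = $2
            gsub(/"/, "", val)
            # A value such as {SSHA}... is a hash; anything else is cleartext.
            if (substr(val, 1, 1) == "{" && index(val, "}") > 2)
                printf "WARN line %d: rootpw is active (hashed value)\n", NR
            else
                printf "FAIL line %d: rootpw is active with a cleartext value\n", NR
        }' "$conf")
    # The file can hold a directory-wide credential, so other local users
    # must not be able to read it.
    perm=""
    if [ -n "$(find "$conf" -prune -perm -004)" ]; then
        perm="WARN: $conf is world-readable"
    fi
    # Join the non-empty findings, one per line.
    findings=$(printf '%s\n%s\n' "$rootpw" "$perm" | sed '/^$/d')
    if [ -n "$findings" ]; then
        echo "$findings"
        return 1
    fi
    echo "OK: no active rootpw in $conf"
    return 0
}
```

A hashed rootpw is reported as a warning rather than a failure because the procedure above ends with the line commented out, so any active line means step 5 was skipped.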