[NBLUG/talk] Lost Passwords

Andrew argonaut at softhome.net
Fri Mar 25 00:36:56 PST 2005 

Ian Sutherland wrote on Wed, 23 Mar 2005 08:31:36 -0800:

> Thanks for the response. There is no "shadow" file in
> /mnt/hdd3/etc.

So you're not using shadowed passwords? When you look in
/etc/passwd, do some of the entries actually have something other
than "x" in the second field? That's not very secure since
anyone, even non-privileged users, can see the encrypted
passwords and run a password cracker against them. I can't think
of any good reason not to use shadowed passwords these days.

But that's something to be fixed later. Right now, let's just get
your system up and running again (if you haven't done it
yourself, yet). Use either Augie's instructions to start Debian
in single-user mode or my instructions to go in through Knoppix
and make your /etc/passwd (not shadow) file writeable. Then
delete root's encrypted password as I described earlier. The root
entry should now look like this:

root::0:0:root:/root:/bin/bash

Save it. Reboot Debian the normal way. You should now be able to
log in as root without a password. Set a new password for root.
After you've done this, you can make other changes, if necessary.


> I checked the permissions for /home/ian; 
> 
> User 6058
> Group dip
> 
> /home/ian1;
> 
> User 1001
> Group sslwrap

Well, ian1, at least, looks OK. Here you are seeing Knoppix's
interpretation of the ownership of those two directories. I would
expect the ian1 directory to have a numeric User ID and Group ID
of 1001 if that user was the second non-privileged user that you
created on your Debian system. If you look in Knoppix's (not
Debian's) /etc/passwd and /etc/group you will see there is no
entry for UID 1001 in /etc/passwd but there *is* an entry for GID
1001 in /etc/group, and that it's mapped to the group name
"sslwrap". Hence the output you see above for ian1.

The ian directory, however, seems strange to me. Assuming ian was
the first regular user that you created on your Debian system,
that user should have a numeric UID and GID of 1000 and the
ownership of /home/ian should reflect that. Instead, the
directory is owned by UID 6058 and GID 30. (If you look in
Knoppix's /etc/group, you'll see that GID 30 corresponds to
"dip".) This is definitely unusual. After you do the above
procedure and get yourself logged in to your Debian system as
root, send us the sanitized (no passwords!) output from these
three commands:

ls -l /home | grep ian
grep ian /etc/passwd
grep ian /etc/group

and we'll fix the ownership of your home directories.

A.


> On Wed, 23 Mar 2005 01:10:19 -0800, "Andrew"
> <argonaut at softhome.net> said:
> > Ian Sutherland wrote on Tue, 22 Mar 2005 22:30:14 -0800:
> > 
> > > Whatever I did, none of the passwords, root, users, work at
> > > login of Debian sarge.
> > [snip]
> > > I tried accessing /etc/passwd from Knoppix to install a new
> > > user but it's read only.
> > [snip]
> > 
> > Remember, Knoppix bends over backwards to make sure you don't
> > accidentally screw up the data on your hard disk. This
> > includes mounting hard disk partitions read-only unless you
> > specifically choose to mount them read-write.
[snip a bunch of instructions]

More information about the talk mailing list