Find the answer to your Linux question:
Results 1 to 7 of 7
Hi everyone I've done something sooooo stupid and noobie like that I haven't yet stopped hitting my head against a wall. It was really unlike me to do something quite ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1
    Just Joined!
    Join Date
    Jul 2012
    Posts
    4

    SSH password problem / lockout (really really stupid thing done)


    Hi everyone

    I've done something sooooo stupid and noobie like that I haven't yet stopped hitting my head against a wall. It was really unlike me to do something quite this stupid without testing so leave out that 'YOU DID WHAT!?' statements as I've already berated myself enough...

    The story goes like this:

    - Bought a dreamplug embeded plug computer (no gui ssh access only)

    - Set up the ssh so it was working fine. Was using root as I hadn't yet set up any new users not in that group

    - (This is the stupid bit - I'd had a drink) Reset the root password using 'usermod -p <text pwd not crypt) root (ARGGHHHH)

    - Quite obviously not now able to log in via SSH. Panic.

    - Took the microsd out and put it into another system and cleared the password out of the '/etc/shadow' file.

    - Tried logging into ssh again with the microsd back in the system booted up -still getting access denied:

    root__192.168.2.2's password:
    Permission denied, please try again.
    root__192.168.2.2's password:
    Permission denied, please try again.
    root__192.168.2.2's password:
    Permission denied (publickey,password).


    I am quite willing to put myself up as idiot of the week but would really prefer not to have to rebuild the debian system on the sdcard from scratch (especially as I'd probably have to buy the jtag unit to get it up again).


    Please help this fool out of a hole.

    Thanks in advance

    Martin

  2. #2
    Linux Engineer
    Join Date
    Apr 2012
    Location
    Virginia, USA
    Posts
    896
    I'm going to assume you see grub when you first turn on the system.
    You want to boot into single user mode. To do this, add a '1' to the end of the grub line (by pressing e or a or tab, I can't ever remember) before grub selects which OS to load.
    This will log you in directly as root. Run passwd from there.
    If you still can't do that, you should be able to edit /etc/inittab and change it to run level 1 on the other system, then boot the system and run passwd.

    Also, you can take the hash of the password from another system (as long as hash method is the same) and paste that into the appropriate section of /etc/shadow

  3. #3
    Just Joined!
    Join Date
    Jul 2012
    Posts
    4
    Mizzle

    Thankyou so much for taking the time to reply!

    I don't see any grub screen as there's no gui to view the boot but I should be able edit the inittab

    I guess I need to reset the grub setting after sorting out the password issue?

    Cheers!

  4. #4
    Linux Engineer
    Join Date
    Apr 2012
    Location
    Virginia, USA
    Posts
    896
    Here's a link with some more (basic) info: RunLevel - Debian Wiki

    The line you're looking to change on the locked out system (in /etc/inittab) is one that looks like this:
    /etc/inittab. E.g. id:2:initdefault:

    Change the number 2 (or whatever it is in your case) to a 1, save the file. Then, boot that system as normal, you'll be logged in as root no password required, and run passwd to set password. Then edit that file in vi or whatever editor you have, and change it back to what it was.

  5. #5
    Just Joined!
    Join Date
    Jul 2012
    Posts
    4
    I've just read somewhere else that ssh wont start in run level 1 so I guess I'll have to experiment with typing commands with no gui direct into the device then rebooting, turning off level 1 then rebooting again and testing ssh login.

    Cheers

  6. #6
    Linux Engineer
    Join Date
    Apr 2012
    Location
    Virginia, USA
    Posts
    896
    you should be able to (as I said in my first post) edit the /etc/shadow password file and copy/paste the hashed value from another system into that file.

  7. #7
    Just Joined!
    Join Date
    Jul 2012
    Posts
    4
    Mizzle

    Thank you very much for replying again - very kind of you to spend the time!

    I'm happy to say that this last suggestion worked!! I found a backup copy of the fs and within that a wonderful original shadow file to take the root line from!

    Thank-you very much for your help with this!!

    Martin

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •