[sf-lug] recovery from loss of root password

Michael Cheselka cheselka at gmail.com
Wed Sep 19 14:07:20 PDT 2007

Hello Alex,

You can mount the drive and then chroot to it in recovery/single-user mode.

mkdir /tmp/hda1
mount /dev/hda1 /tmp/hda1
chroot /tmp/hda1

This has the advantage that you don't boot up with a passwordless root
account.  Now-a-days, you would have to go through the logical volume

lvchange -a y VolGroup00
mkdir /tmp/LogVol00
mount /dev/VolGroup00/LogVol00 /tmp/LogVol00
chroot /tmp/LogVol00


On 9/19/07, Kristian Erik Hermansen <kristian.hermansen at gmail.com> wrote:
> On 9/18/07, Alex Kleider <a_kleider at yahoo.com> wrote:
> > Recovering from loss of root password:
> >
> > There are a couple of documented methods of recovering when a root
> > password is forgotten:
> > 1. if boot loader is lilo, the boot: Linux init=/bin/sh option is
> > supposed to provide a shell with root privileges and further details
> > are documented in the Debian tips chapter (8) of the Debian Reference
> > Unfortunately this is of little use since Debian now uses GRUB, not
> > LILO.
> > Preliminary question: is there an equivalent GRUB boot option?
> As far as I know, init=/bin/sh is just an option being passed to the
> kernel, so this works exactly the same way using GRUB.  Correct me if
> I am wrong here.  I haven't used lilo since probably 2001, heh...
> Another more unusual way to recover the root credentials is to log on
> as a normal user and then elevate to id=0 via a localized kernel
> exploit.  Then just reset your passwd...
> --
> Kristian Erik Hermansen
> _______________________________________________
> sf-lug mailing list
> sf-lug at linuxmafia.com
> http://linuxmafia.com/mailman/listinfo/sf-lug

When in the Potemkin Wired be a Potemkin Lain.

More information about the sf-lug mailing list