Using chroot to Recover root Passwords

Posted on June 3, 2008
Author: Sean Potter
Pages: 1 2
Tags:

chroot

Once the LiveCD has loaded, my first order of business was to mount the system in question's filesystems. This includes mounting the root filesystem where passwords are stored, and mounting dev and proc to this filesystem.

livecd gentoo / # mount /dev/sda1 /mnt/gentoo
livecd gentoo / # mount -t proc none /mnt/gentoo/proc
livecd gentoo / # mount -o bind /dev /mnt/gentoo/dev

With that complete, I'm ready to chroot in to the filesystem and change the password. Keep in mind that with many distributions, you must specify what shell you wish to use. In my case, I use bash, which resides in /bin.

livecd gentoo / # chroot /mnt/gentoo /bin/bash

As I'm running Gentoo on the host system as well, I'll also need to update the environment and profile.

livecd / # env-update && source /etc/profile

Now that the chroot is complete, I'm free to change the password.

livecd / # passwd

And there it is. I've successfully changed the system's password so I'm once again able to log in to the machine. All that's left to do is exit the chroot environment and reboot the machine.

livecd / # exit
livecd / # cd /mnt
livecd mnt / # umount gentoo/proc/ gentoo/dev/ gentoo/
livecd mnt / # reboot

Conclusion

Utilizing a Linux LiveCD, it's simple to "rescue" a given Linux box that has had it's root password changed or forgotten. Of course, this also creates a security risk in business-critical machines. If an employee were to use this on a business server to gain root access, the business would be in some form of trouble (provided the IT Department doesn't know what they're doing).

Regardless of this, LiveCDs with chroot provide excellent personal tools for setting new root passwords when a password is forgotten. Some other options aside from Gentoo's are: Ubuntu, Knoppix, and openSUSE.

Jump to page:

blog comments powered by Disqus