You are on page 1of 17

Subscribe To Our New sletter: Email

Search: Search

News

Features

Blogs

White Papers

Archives

Special Editions

Shop

Desktop Network

Development Administration

Hardware

Security

Server

Programming

Operating System

Software

Home linux-magazine.c om Online Features Resetting Passw...

Resetting Passwords with SystemRescueCd


SystemRescueCd
By James Stanger If youre locked out of your Linux or Windows system, a handy Live Linux troubleshooting distro might be all you need to get back in. Well show you how to pick the lock with SystemRescueCd.
open in browser PRO version
Are you a developer? Try out the HTML to PDF API

Issue 151/2013
Content Order Print Issue Subscribe
pdfcrowd.com

Getting locked out of your Linux or Windows system is a frustrating experience. These days, not being able to log in to your system might be worse than getting locked out of your car; at least with a car you can get a ride home or contact a locksmith to get back in. However, if youre locked out of your Linux system, youre really not going to find a competent ready-made service to come to your rescue. But never fear: The open source community offers some powerful tools for helping you reset passwords. For instance, the GRUB and LILO boot managers offer some recovery options. If you need something more versatile, the SystemRescueCd disk project provides a number of tools for resetting passwords and recovering your system. SystemRescueCd doesnt just reset passwords in your Ubuntu, Red Hat, or Linux Mint system: It can also help you recover access to your Windows computer. GRUBs System Recovery Mode Sometimes you dont need a specialized tool like SystemRescueCd to get back on your system. The traditional Unix/Linux single-user mode might be all you need. If your system uses the GRUB bootloader, you can enter Linux single mode through GRUBs Recovery Mode and boot menu options. (An equivalent process is also available for the LILO bootloader; see the box titled Using LILO.)

BUY THIS ISSUE AS A PDF

Tag Cloud
Android Bruce Byfield Gnome KDE Linux Pro Magazine Open Source Projects Red Hat Ubuntu events foss free software google linux

News

open in browser PRO version

Are you a developer? Try out the HTML to PDF API

pdfcrowd.com

News
FSF Outs the World Wide Web Consortium over DRM Proposal
Richard Stallman calls for the W3C to remain independent of vendor interests.

Debian 7.0 Debuts


The new release supports nine architectures, 73 human languages, and zero non-Free components. Recovery Mode is available to you no matter what Linux flavor you are using (e.g., Ubuntu 12.04 Precise Pangolin, Red Hat Enterprise Linux 6, Fedora 16, or Linux Mint 12). When using GRUB to enter Linux single-user mode, first, make sure you have removed any and all external drives or connections. More than once, Ive confused the issue by trying to mount external USB drives and other devices when I was working to recover my primary hard disk. When youre sure youve stripped things down to the bare bones, boot your system so the GRUB menu is showing and choose the kernel into which you want to boot. Usually, you will boot into the first kernel listed on the menu, but you can make sure youre booting into the latest version by reading the numbers the higher the number, the more current. You can choose the kernel by simply hitting the Up or Down arrow key.
open in browser PRO version
Are you a developer? Try out the HTML to PDF API

Alpha Version of Fedora 19 Released


Fedora developers release the first alpha version of Fedora 19, known as Schrdingers Cat, for general testing. The final release is expected in July 2013.

ack 2.0 Released


ack is a grep-like, command-line tool that has been optimized for programmers to search large trees of source code.

SUSE Studio 1.3 Released


pdfcrowd.com

Once youve selected the kernel version, press the e key to edit the entry. In the simple text editor, choose the line starting with the word kernel (usually the second line on your screen). After selecting the kernel line, press the e key to edit the kernel entry. Append the following to the end of the kernel line:
S

SUSE

New features in SUSE Studio 1.3 include enhanced cloud integration, VM platform support, and lifecycle management.

Xen To Become Linux Foundation Collaborative Project


AMD , Citrix , google , Intel , Oracle

Yes, just use the letter S, without quotes. You can also use the word Single without quotes. When you press Enter, you will exit the editor and be placed back at the GRUB menu. The menu will now have the modified kernel line (e.g., the line with the capital S at the end). To boot into Linux single-user mode, press the b key. Youll know youve entered Linux single-user mode once you see a simple root prompt, denoted by the hash mark (#). You wont see any other information on the prompt as you normally would (e.g., the username, system name, or current directory).

The Linux Foundation recently announced that the Xen Project is becoming a Linux Foundation Collaborative Project.

RunRev Releases Open Source Version of LiveCode


Android , linux , Mac , Windows

Open source version of LiveCode is now available for developing apps, games, and utilities for all major platforms.

OpenDaylight Project Formed


Citrix , IBM , Microsoft , Red Hat , VMware

OpenDaylight is an open source software-defined networking project committed to furthering adoption of SDN and
open in browser PRO version
Are you a developer? Try out the HTML to PDF API

pdfcrowd.com

Usually, you can simply reset the password using the passwd command at this point (see the Warning: Dont Misuse This Information box). However, depending on how your system is configured, you might need to mount some partitions: /proc/, /var/, or the root directory itself (/):
# mount -t proc proc /proc # mount -o remount,rw /

adoption of SDN and accelerating innovation in a vendor-neutral and open environment.

Gnome 3.8 Released


Gnome , ownCloud

Once youre at the prompt, enter


passwd

The new Gnome release includes privacy and sharing settings, allowing more user control over access to personal information.

and press Enter. You will be prompted to enter a new password, so go ahead and do so and press Enter to confirm your choice. Next, you can reboot the system with the reboot command, log in to the root account, and change any other passwords as necessary. Rescuing with SystemRescueCd SystemRescueCd is a Live Linux distribution similar to Knoppix. The distribution is designed for system troubleshooting, which means it lets you: change user passwords in Linux or Windows systems, including the passwords for the root and Administrator accounts; check the integrity of existing partitions; create new partitions or format existing partitions using the parted tool or the graphical equivalent, GParted (Figure 1); and
open in browser PRO version
Are you a developer? Try out the HTML to PDF API

Mozilla and Samsung Collaborate on New Browser Engine


Mozilla , samsung

Mozilla is collaborating with Samsung on a new web browser engine called Servo.

pdfcrowd.com

recover files from unbootable Linux or Windows systems.

Figure 1: With GParted, you can create, edit, and format partitions. Of course, most of the troubleshooting tools found on SystemRescueCd are available for other Linux distributions as well. The basic procedures described in this article will work with other Live Linux troubleshooting distros, although the details might vary. In this case, Im using SystemRescueCd as an example of how to reset passwords by booting the system from a Linux Live disk. I should add

open in browser PRO version

Are you a developer? Try out the HTML to PDF API

pdfcrowd.com

I should add that

SystemRescueCd uses the Zsh command shell by default, which could be confusing for users who are accustomed to the Bash shell. Every once in a while when using SystemRescueCd, I get a funky error message that tells me I am using the wrong shell. If you are not familiar with Zsh and would prefer to work in Bash, you can easily change the shell from Zsh to Bash by entering the following export command:
export SHELL=/bin/bash

Once youve downloaded the SystemRescueCd image from the project website, you can use any appropriate tool to burn the image to a CD or
open in browser PRO version
Are you a developer? Try out the HTML to PDF API

pdfcrowd.com

a Flash drive. See the Using UNetbootin sidebar for more on burning the image to a USB stick.

Figure 2: Using UNetbootin to create a SystemRescueCd USB boot disk. Resetting Passwords Sometimes your system is damaged in a way that wont let you reset the password using Linux single-user mode. To reset a Linux-based password in SystemRescueCd, start by booting to the SystemRescueCd Live system. To find out which disk partition contains the /etc directory, use fdisk .
open in browser PRO version
Are you a developer? Try out the HTML to PDF API

pdfcrowd.com

The /etc partition is usually on the root (/) drive. See the command and output in Listing 1. Listing 1: Listing Partitions with fdisk
01#fdisk-l DeviceBootStartEndBlocksIdSystem /dev/sda16314458472261deDellUtility /dev/sda2145408433971120971527HPFS/NTFS/e xFAT /dev/sda3*4339712165822455807413727HPFS/NTF S/exFAT /dev/sda416582293023443654434306807+5Extende d /dev/sda516582299323152877932852893+83Linux /dev/sda6231528843234436544145385182Linuxsw ap/Solaris

In Listing 1, the /dev/sda5 directory is the main partition, as revealed by its size and partition type, so you will need to mount this partition. To do so, first create a directory that will act as a mountpoint:
mkdir /mnt/bootdir

Now, mount the Linux partition to your SystemRescueCd partition:


mount /dev/sda5 /mnt/bootdir

The chroot command lets you access it easily:


open in browser PRO version
Are you a developer? Try out the HTML to PDF API

pdfcrowd.com

chroot /mnt/system

Now, you can reset your password using the passwd command,
passwd <newpassword>

where newpassword is the new password you want to use.

The umount command unmounts the partition, after which you can reboot. Once you log back in to your troubled Linux system, youll be able to use the root account with the new password youve specified.
open in browser PRO version
Are you a developer? Try out the HTML to PDF API

pdfcrowd.com

Mounting Disks Once you have accessed the system with SystemRescueCd, you dont have to go stampeding to the passwd command and then rush out again. If necessary, you can mount drives and edit key files. In fact, once you enter Linux single-user mode, you can edit and browse through directories or make changes to critical text files. For example, instead of using the passwd command, you could edit the /etc/shadow file directly and remove the password information. To do this, mount the partition that contains the /etc directory this is usually the root partition and enter the command:
# mount -rw / /mnt/partition

If necessary, create the /mnt/partition directory. Once youve mounted the / partition, simply use vi, Emacs, or another text editor to access the /etc/shadow file and edit the file so that the user account of your choice (e.g., the root account) no longer contains the hashed password information. Then, unmount this partition, reboot, and access your Linux system in a standard session. At this point, youll be able to log in to the account without specifying a password. Resetting GRUB Boot Password Protection But, you ask, what if you have password-protected GRUB and have forgotten that password? Isnt it impossible to get past this password to enter single-user mode? With SystemRescueCd, you can mount the /boot partition, or the root (/) partition, as discussed above. To begin, switch to the /boot/grub/ directory and copy the unedited file
open in browser PRO version
Are you a developer? Try out the HTML to PDF API

pdfcrowd.com

to the same directory under a new name:


cp /boot/grub/menu.lst /boot/grub/menu.lst_bak

This is an important step, just in case you edit the file incorrectly. In a text editor, edit the /boot/grub/menu.lst file and look for the following line:
password -md5 $1$gLhU0/$aW78kHK1QfV3P2b2znUoe/

Now, comment out the password entry and save your changes. Then, unmount the directory and reboot your system. Once youve taken these steps, youll be able to bypass the GRUB password. Resetting Passwords on a Windows System You can use the tools on your disk to boot into a Windows partition as well. Suppose you want to boot into Windows and change the password for a user account. To begin, boot into SystemRescueCd and using fdisk to list existing partitions like this:
fdisk -l

Next, look for an NTFS partition that appears to be the Windows system partition. For example, you might see a line that reads:
/dev/sda3 (NTFS)
open in browser PRO version
Are you a developer? Try out the HTML to PDF API

pdfcrowd.com

Once you have found the correct NTFS drive (Ill assume it is /dev/sda3), use the ntfs command:
ntfs -3g /dev/sda3 /mnt/windows -o force

This command mounts the NTFS drive on /dev/sda3 onto your local /mnt/windows/ drive. If this drive isnt available, create it as follows:
mkdir /mnt/windows

Once youve mounted the NTFS drive onto the /mnt/windows/ drive, change to it:
cd /mnt/windows/Windows/System32/config

Now, you are ready to use the chntpw command to list the Windows accounts in the SAM database:
chntpw -l SAM

The result of the preceding command will be a list of user account names. Next, you can select the account name that requires a password reset. In this case, Ill assume you want to change the account of a user named James Stanger:
chntpw -u "James Stanger"
open in browser PRO version
Are you a developer? Try out the HTML to PDF API

pdfcrowd.com

Once you issue the above command, you will see a menu of various options. To reset the password, press 1 and Enter. You will be asked to confirm that you want to reset this account, so press the y key and Enter. The account is now reset. To reboot, enter the reboot command and press Enter. Youll find you can get into your account (e.g., James Stanger) without entering a password. SystemRescueCd makes it pretty easy. The preceding steps will simply change the password. If you want to get full read-write access to a Windows disk, you can enter the command
ntfs-3g /dev/sda1 /mnt/windows

and then youll be able to mount the disk and copy or even write files to it. I would recommend, however, simply copying files from your Windows system; writing to another filesystem is always fairly risky, especially one that isnt based on Linux. Once you have mounted your Windows drive, you can then simply navigate through it using the cd command as you would a Linux system more or less. Conclusion Now you know how to give your system passwords the boot. Although you might be able to reset your passwords in Linux single-user mode, accessed through the GRUB (or LILO) bootloader, SystemRescueCd offers another, more versatile alternative. I suppose its worth reiterating
open in browser PRO version
Are you a developer? Try out the HTML to PDF API

pdfcrowd.com

I suppose its worth reiterating here that youre not supposed to use these tools for malicious purposes. And by malicious, I mean youre not supposed to use these tools to break into someone elses system or view information and data that isnt meant for you. If I need to spell this out further, I suggest you get out of techie mode for a bit and take a good ethics class. At any rate, SystemRescueCd is a powerful tool. Enjoy using it responsibly! Info [1] UNetbootin

open in browser PRO version

Are you a developer? Try out the HTML to PDF API

pdfcrowd.com

0 comments Leave a message...

Best

No one has commented yet.

Comment feed

Subscribe via email

Glossary

2013 Medialinx AG
Are you a developer? Try out the HTML to PDF API

open in browser PRO version

pdfcrowd.com

open in browser PRO version

Are you a developer? Try out the HTML to PDF API

pdfcrowd.com