Skip site navigation (1)Skip section navigation (2)
Date:      Sun, 19 Nov 2006 13:32:08 -0500
From:      Gabriel O'Brien <obrieng@nm.cbc.ca>
To:        David McCord <tech@gv.net>
Cc:        freebsd-questions@freebsd.org
Subject:   Re: chpass -p dilema
Message-ID:  <4560A328.3030308@nm.cbc.ca>
In-Reply-To: <3.0.5.32.20061119095159.01729998@gv.net>
References:  <3.0.5.32.20061119095159.01729998@gv.net>

next in thread | previous in thread | raw e-mail | index | archive | help
David,

I doubt there's much you're going to be able to do other than reset the 
password.  'pjones' doesn't look like a valid password hash of any kind 
so I can't think of a way to crack it even if you wanted to do something 
like that.  Of course I will bow to anybody who has superior knowledge 
of crypt, etc. as this is not an area with which I have a lot of 
expertise. From my PoV, essentially what you are trying to do is crack 
the system at this point and unless you set it up poorly or are 
incredibly lucky I don't think it's worth the effort to bother, the only 
advantage you have over a random attacker is knowledge of the (invalid) 
password hash (and a regular user account to work from).

A couple of thoughts: do you use sudo on this system?  (If you don't you 
should consider it when you've resolved this problem, amongst other 
excellent features which might aid in remote administration, out of the 
box it only requires you to know your own password to become root.)  Is 
it possible to get somebody local at your datacentre to drop the system 
into single user mode and change the password?  Do you have any other 
back doors or accounts that run with elevated privs?

Even if the datacentre folks are not knowledgeable WRT FreeBSD/Unix you 
could guide them through the steps required pretty trivially ('boot -s; 
<enter>; passwd').  Of course there are risks in terms of security, but 
it all depends on your requirements and the criticality of this system, 
I know I personally wouldn't want to drive for 2 hours to reset a root 
password unless I really had to. I only mention this because at my 
workplace we have operators at our corporate datacentre who are 
non-technical (at least on our platforms) who we can and do occasionally 
walk through procedures that require local access when we are dealing 
with emergencies remotely.

Another thought for the future, whenever I do something that might have 
the potential to lock me out of the root account I make certain I have a 
second shell open somewhere that I can use to un-fudge whatever I just 
did and I only sit 7 floors away from most of the servers I'm 
responsible for and about a 10 minute subway ride from the rest!  Don't 
be too bummed out though, you will probably never do this again... I 
can't tell you how many commands and utilities I have learned inside out 
*after* I used them wrong and this one is pretty painless... no data loss!

Sorry I'm not of more help... good luck!

cheers,
Gabriel

-- 
Gabriel O'Brien
IT Analyst, MPS-EN-CBC.ca
w: 416-205-8740 m: 416-576-0088


David McCord wrote:
> Dear list,
> 
> I made a error that changed the root password to something unknown.
> Experimenting, I intended to change the password of pjones, but instead
> changed the root password since I gave no user argument. As root, I said:
> chpass -p pjones
> 
> I logged out then logged back in as my username, then su'd to root. Would
> not accept the old pw, and wouldn't accept pjones. I'm stuck with an
> unknown root password.
> 
> man chpass tells me the argument provided with -p is the encrypted password
> in crypt format, but doesn't provide enough detail to know where to go from
> here. I know I can go to the computer and startup in single user and change
> the root password. This computer is 2 hour round trip for me, which I'd
> like to avoid. Can anyone help?
> 
> Thanks,
> David
> 
> _______________________________________________
> freebsd-questions@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org"



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4560A328.3030308>