From owner-freebsd-questions@FreeBSD.ORG Sun Nov 19 18:32:59 2006 Return-Path: X-Original-To: freebsd-questions@freebsd.org Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 58FF416A407 for ; Sun, 19 Nov 2006 18:32:59 +0000 (UTC) (envelope-from obrieng@nm.cbc.ca) Received: from mail02.nm.cbc.ca (mail02.nm.cbc.ca [159.33.1.172]) by mx1.FreeBSD.org (Postfix) with ESMTP id 12EC743D6B for ; Sun, 19 Nov 2006 18:32:01 +0000 (GMT) (envelope-from obrieng@nm.cbc.ca) Received: from hub.cbc.ca (hub.nm.cbc.ca [192.168.1.119]) by mail02.nm.cbc.ca (Postfix) with ESMTP id 23479272CF8; Sun, 19 Nov 2006 13:32:11 -0500 (EST) Received: from localhost (localhost.cbc.ca [127.0.0.1]) by hub.cbc.ca (Postfix) with ESMTP id F37906A458; Sun, 19 Nov 2006 13:32:10 -0500 (EST) Received: from hub.cbc.ca ([127.0.0.1]) by localhost (hub.cbc.ca [127.0.0.1]) (amavisd-new, port 10024) with LMTP id 27230-02-2; Sun, 19 Nov 2006 13:32:09 -0500 (EST) Received: from [172.30.69.101] (hub.cbc.ca [159.33.1.155]) by hub.cbc.ca (Postfix) with ESMTP id 75AAA6A44A; Sun, 19 Nov 2006 13:32:09 -0500 (EST) Message-ID: <4560A328.3030308@nm.cbc.ca> Date: Sun, 19 Nov 2006 13:32:08 -0500 From: Gabriel O'Brien User-Agent: Thunderbird 1.5.0.7 (X11/20060918) MIME-Version: 1.0 To: David McCord References: <3.0.5.32.20061119095159.01729998@gv.net> In-Reply-To: <3.0.5.32.20061119095159.01729998@gv.net> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-Virus-Scanned: by amavisd-new at hub.cbc.ca Cc: freebsd-questions@freebsd.org Subject: Re: chpass -p dilema X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 19 Nov 2006 18:32:59 -0000 David, I doubt there's much you're going to be able to do other than reset the password. 'pjones' doesn't look like a valid password hash of any kind so I can't think of a way to crack it even if you wanted to do something like that. Of course I will bow to anybody who has superior knowledge of crypt, etc. as this is not an area with which I have a lot of expertise. From my PoV, essentially what you are trying to do is crack the system at this point and unless you set it up poorly or are incredibly lucky I don't think it's worth the effort to bother, the only advantage you have over a random attacker is knowledge of the (invalid) password hash (and a regular user account to work from). A couple of thoughts: do you use sudo on this system? (If you don't you should consider it when you've resolved this problem, amongst other excellent features which might aid in remote administration, out of the box it only requires you to know your own password to become root.) Is it possible to get somebody local at your datacentre to drop the system into single user mode and change the password? Do you have any other back doors or accounts that run with elevated privs? Even if the datacentre folks are not knowledgeable WRT FreeBSD/Unix you could guide them through the steps required pretty trivially ('boot -s; ; passwd'). Of course there are risks in terms of security, but it all depends on your requirements and the criticality of this system, I know I personally wouldn't want to drive for 2 hours to reset a root password unless I really had to. I only mention this because at my workplace we have operators at our corporate datacentre who are non-technical (at least on our platforms) who we can and do occasionally walk through procedures that require local access when we are dealing with emergencies remotely. Another thought for the future, whenever I do something that might have the potential to lock me out of the root account I make certain I have a second shell open somewhere that I can use to un-fudge whatever I just did and I only sit 7 floors away from most of the servers I'm responsible for and about a 10 minute subway ride from the rest! Don't be too bummed out though, you will probably never do this again... I can't tell you how many commands and utilities I have learned inside out *after* I used them wrong and this one is pretty painless... no data loss! Sorry I'm not of more help... good luck! cheers, Gabriel -- Gabriel O'Brien IT Analyst, MPS-EN-CBC.ca w: 416-205-8740 m: 416-576-0088 David McCord wrote: > Dear list, > > I made a error that changed the root password to something unknown. > Experimenting, I intended to change the password of pjones, but instead > changed the root password since I gave no user argument. As root, I said: > chpass -p pjones > > I logged out then logged back in as my username, then su'd to root. Would > not accept the old pw, and wouldn't accept pjones. I'm stuck with an > unknown root password. > > man chpass tells me the argument provided with -p is the encrypted password > in crypt format, but doesn't provide enough detail to know where to go from > here. I know I can go to the computer and startup in single user and change > the root password. This computer is 2 hour round trip for me, which I'd > like to avoid. Can anyone help? > > Thanks, > David > > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org"