From owner-freebsd-questions@freebsd.org Mon Jul 27 09:58:46 2020 Return-Path: Delivered-To: freebsd-questions@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id C3DF937CF01 for ; Mon, 27 Jul 2020 09:58:46 +0000 (UTC) (envelope-from freebsd@edvax.de) Received: from mout.kundenserver.de (mout.kundenserver.de [212.227.17.24]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (P-256) server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "mout.kundenserver.de", Issuer "TeleSec ServerPass Class 2 CA" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4BFZyF4rdMz4l3n for ; Mon, 27 Jul 2020 09:58:45 +0000 (UTC) (envelope-from freebsd@edvax.de) Received: from r56.edvax.de ([94.222.203.242]) by mrelayeu.kundenserver.de (mreue107 [212.227.15.183]) with ESMTPA (Nemesis) id 1MFL4B-1k2Skb3xYf-00FnSh; Mon, 27 Jul 2020 11:58:41 +0200 Date: Mon, 27 Jul 2020 11:58:40 +0200 From: Polytropon To: Jiang Xu Cc: "freebsd-questions@freebsd.org" Subject: Re: how to reset login in freebsd if the password is expired Message-Id: <20200727115840.2c1912ca.freebsd@edvax.de> In-Reply-To: <1595842414286.43801@citrix.com> References: <1595842242103.79959@citrix.com> <1595842414286.43801@citrix.com> Reply-To: Polytropon Organization: EDVAX X-Mailer: Sylpheed 3.1.1 (GTK+ 2.24.5; i386-portbld-freebsd8.2) Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit X-Provags-ID: V03:K1:8YEyB4rXd19jUY+LCme9/6/5x0OVouf6q7mgEyzdj8Haje7kRiT TnSvaPGUknwWdXTzfQndC3Ge9vJcJwBlblQm92mUiMNdeVvDK5CJHM8qMu4yQuy277QyTzf JlP/U0IA0f4p1KFmwWFTfZ+CVPdsqbmiFZYY2Flq0Miqw4y31wMrJQgP/PYvboBCTJUthhm 6ZhgTaKK6JP2ATVedrLpw== X-Spam-Flag: NO X-UI-Out-Filterresults: notjunk:1;V03:K0:mkILrV5pyds=:BbKUWdst5Jb6rkHLD7R6tn 5uhE6D2LMK6dPHcSbWUlKksTmrVE0Um9tI8jjtCTfG8f+HsCJQhPQgEAtTucgiXYwh9+EVhCq kyqniyPUL6v4xlYpg2DnoB6yfGw6NCZYJ/c8bQdMwjWwiHrQe2diIbzU4xJUMbgdDh7BUNQGK VeePl0PhDrO9NP/y7at1zjpQBPVavbjtrsOdIEn5DRCUC+tFbrjlg6FJ0ufAfegfzD2Xjsskv 5+v732BJBj5j/BXoK1ME4Ftek341Oej+bjxW4SSpAvITUlmVsfPT9783yJr4xZZ4t2fDnkuVi IJPzWqx/hzAMZzHNJ4h1j5usKTP/PmrgUDkgtVbmutfSElbDSpMKWRedHXQx18oY28gWr71Tu VH3SPbLgZtNOpKApbKY0fl/l2/Ri+2oLX1PBsHbO2bT9j9Q4PMHIoUJgEwl38wxb5xqVV2Idb Hwvc8Z/S9zvlCj314vtg0Bhu1kbzj/GGLv5rhssfSSDlBU9u2avRPc0pOxtYbEXq/oF1pnU9V ms+RpT43Svgw7h7Um57NAjCEcNSTWTWAkSe7duW/9RJmOI0X4T7ixkBNpak5NVmbJ4fMST9Cc mJV/DjjN1Qjw091AxqB6M3fmnZ8dDWT9YOwp7oQn1cFElRQginRpqFQ4GgdXwqE/Oobp9674M iOkhgl8waTM1fqavd+/OXPY3AXJ2sUBTlEtjJcbW1f+6btc8u0bQgzlJl585pT+PB5mBOCtPQ 9zpHi2Fmz2k3z4c69A1qb4HQfmpYH7EnQgxX6Z3ouSu1icvm5z59jkXzzOQeyYMQsPpeCQFkg GC0GQmaye1P/LxTXH74TWh9NHtYWDvX6KUcdTQffxWSrEgRMQnZD7e8WAm64fFe2wNa+lGL X-Rspamd-Queue-Id: 4BFZyF4rdMz4l3n X-Spamd-Bar: +++ Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=none; spf=none (mx1.freebsd.org: domain of freebsd@edvax.de has no SPF policy when checking 212.227.17.24) smtp.mailfrom=freebsd@edvax.de X-Spamd-Result: default: False [3.14 / 15.00]; HAS_REPLYTO(0.00)[freebsd@edvax.de]; TO_DN_EQ_ADDR_SOME(0.00)[]; RCVD_VIA_SMTP_AUTH(0.00)[]; TO_DN_SOME(0.00)[]; MV_CASE(0.50)[]; HAS_ORG_HEADER(0.00)[]; NEURAL_HAM_SHORT(-0.59)[-0.591]; RCPT_COUNT_TWO(0.00)[2]; RECEIVED_SPAMHAUS_PBL(0.00)[94.222.203.242:received]; RCVD_TLS_LAST(0.00)[]; R_DKIM_NA(0.00)[]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+]; ASN(0.00)[asn:8560, ipnet:212.227.0.0/16, country:DE]; ARC_NA(0.00)[]; REPLYTO_EQ_FROM(0.00)[]; FROM_HAS_DN(0.00)[]; MIME_GOOD(-0.10)[text/plain]; DMARC_NA(0.00)[edvax.de]; AUTH_NA(1.00)[]; NEURAL_SPAM_MEDIUM(0.85)[0.852]; TO_MATCH_ENVRCPT_SOME(0.00)[]; NEURAL_SPAM_LONG(0.48)[0.481]; MID_CONTAINS_FROM(1.00)[]; RCVD_IN_DNSWL_NONE(0.00)[212.227.17.24:from]; R_SPF_NA(0.00)[no SPF record]; RWL_MAILSPIKE_POSSIBLE(0.00)[212.227.17.24:from]; RCVD_COUNT_TWO(0.00)[2] X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.33 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 27 Jul 2020 09:58:46 -0000 On Mon, 27 Jul 2020 09:33:34 +0000, Jiang Xu wrote: > I set the root login to be expired in 90 days, and we forget > to update the password of the login, and the password is expired, > and now we can not login in on it? but we can access the disc > with attach it to another instance, is there any way to reset > the expired password? If you can boot the system on that disk in single-user mode (and /etc/ttys says your console is marked "secure"), you can login as root _without_ a password (an emergency shell is started after the single-user mode boot process has been completed). Mount the root partition r/w and make whatever changes are needed ("passwd root" or "pw" command). If that is not possible, you could manually remove the encrypted password from /etc/master.passwd and manually rebuild the password databases /etc/pwd.db and /etc/spwd.db. See "man 1 passwd", "man 5 passwd" and "man 8 pwd_mkdb" as well as "man 8 pw" for further details. Some more hints and examples here: https://forums.freebsd.org/threads/corrupt-password-file-s.46264/ I assume you have not enabled a "toor" user, which you could also use... ;-) -- Polytropon Magdeburg, Germany Happy FreeBSD user since 4.0 Andra moi ennepe, Mousa, ...