From owner-freebsd-questions  Wed Dec 24 07:31:01 1997
Return-Path: <owner-freebsd-questions>
Received: (from root@localhost)
          by hub.freebsd.org (8.8.7/8.8.7) id HAA13636
          for questions-outgoing; Wed, 24 Dec 1997 07:31:01 -0800 (PST)
          (envelope-from owner-freebsd-questions)
Received: from ns1.cetlink.net (jeff@ns1.cetlink.net [209.54.54.10])
          by hub.freebsd.org (8.8.7/8.8.7) with ESMTP id HAA13631
          for <freebsd-questions@freebsd.org>; Wed, 24 Dec 1997 07:30:59 -0800 (PST)
          (envelope-from jeff@ns1.cetlink.net)
Received: (from jeff@localhost)
	by ns1.cetlink.net (8.8.7/8.8.5) id KAA13771;
	Wed, 24 Dec 1997 10:30:26 -0500 (EST)
Message-ID: <XFMail.971224103025.jeff@cetlink.net>
X-Mailer: XFMail 1.1 [p0] on FreeBSD
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 8bit
MIME-Version: 1.0
In-Reply-To: <Pine.BSF.3.96.971224093432.9238B-100000@odyssey.apana.org.au>
Date: Wed, 24 Dec 1997 10:21:45 -0500 (EST)
Organization: CETLink.Net
From: Jeff Wheat <jeff@cetlink.net>
To: Dean Hollister <dean@odyssey.apana.org.au>
Subject: Re: Lost root password
Cc: freebsd-questions@freebsd.org, grcuerrier <grcuerrier@cnwl.igs.net>
Sender: owner-freebsd-questions@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk


On 24-Dec-97 Dean Hollister wrote:
>On Tue, 23 Dec 1997, grcuerrier wrote:
>
>> One of my techs entered a new root password, which he has forgotten.  Is
>> there any way a user with "wheel" access can reset the root password
>> without having to redo the whole server?
>
>Have you tried rebooting, then at the 'boot:' prompt, type:
>
>-s
>
>This will run a root shell, and you should be able to change the root
>passwd. There is a way to disable the feature, I recall it being in
>rc.conf somewhere.
>
>Regards,
>
>d.
>
>+-------------------------------------------------------+
>| Dean Hollister,           | dean@odyssey.apana.org.au |  
>| Perth, Western Australia. | deanh@iinet.net.au        |
>+-------------------------------------------------------+

If /etc/ttys has an entry of:

console none                            unknown off insecure

then booting with -s will prompt for a root password. To get 
around a lost password at this stage will require you to boot
off of a floppy. Here is what I have had to do in the past when
my root password was lost:

1) Boot from freebsd boot floppy
2) execute emergency shell
3) mount /dev/sd0a (or /dev/wd0a if using ide drives) /mnt
4) cd /mnt/etc
5) mv master.passwd master.passwd.save
6) mv passwd passwd.save
7) cp /etc/passwd passwd
8) cp /etc/master.passwd master.passwd
9) cd /
10) umount /mnt
11) reboot

This allowed me to boot off the harddrive and get a root
shell. At this point, I moved passwd.save and master.passwd.save to
passwd and master.passwd, issue passwd -l root and re-enter a new passwd.

Regards,
Jeff

-----------------------------------------------------------------------------
  Jeff Wheat                  jeff@cetlink.net             Senior Engineer
  CETLink.Net Inc.             South Carolina              +1.803.327.2754
-----------------------------------------------------------------------------