On Tuesday 10 April 2007 18:08, Phil Beynon wrote: > > > Charles Bowman wrote: > > > > I ran PWCK > > > > then, when asked: > > > > > > > > #delete line `root:... > > > > > > > > I clicked yes... > > > > > > > > I am currently in SSH (as root) and desperate to generate the > > > > > > root account > > > > > > > again, otherwise I am looking at weeks worth of work and considerable > > > > downtime. > > > > > > > > I cannot get in via the web GUI, no password. > > > > > > > > Can anyone advise? > > > > > > > > -I am kicking myself so hard right now. > > > > > > Charles, > > > I wish I had better news for you.... but you've just toasted your box. > > > > > > Once you tell it to delete, it's gone. Ouch. > > > > > > -- > > > Chris Gebhardt > > > VIRTBIZ Internet Services > > > Hosting, Collocation, Dedicated Servers, Internet Access > > > (972) 485-4125 | http://www.virtbiz.com > > > > Charles, > > Don't do this until someone else confirms that it _might_ work as it may > > kick you out of you SSH session. > > > > Can't you reset the admin password on the Raq via the front panel of the > > machine, the root password is the same as the admin one, so > > shouldn't it be > > regenerated back to username admin / password admin via doing it that > > way? > > > > Only thing I could think of. > > > > Phil > > > > ------------------------------------------------------------------------- > >- I have 4 RaQ4's and have compared them: > > > > Normal Machine Screwed-up machine > > -------------- ------------------ > > /etc/shadow /etc/shadow > > has root entry NO ROOT ENTRY > > > > /etc/shadow- /etc/shadow- > > has root entry has root entry > > > > /etc/passwd /etc/passwd > > has root entry no entries at all! > > > > /etc/passwd- /etc/passwd- > > has root entry has root entry > > > > > > Therefore, can I copy "/etc/passwd-" over "/etc/passwd" > > and copy "/etc/shadow-" over "/etc/shadow" ? > > Or am I about to make a fixable situation completely stuffed? > > > > Thanks for your help, > > Charles > > Charles - not ever tried that, but it kind of seems too easy, in that if a > hacker gained just a quick access they could use a method like that to > blast in their copies and really gain control and lock out the real admin > almost instantly. > > Phil
Charles, Phil, Yes, you can do that (copy the dash [passwd- and shadow-] files back to the appropriate filename. The dash is the "backup" copy (so copy then don't move them). You will then need to create a /root directory and set its ownership and group, _then_ change the password for root/admin (via the ssh session) so that it syncs the shadow file (that you copied) with the system. (just issue the passwd command and follow the prompts). Before logging out of that session (after doing the above), login with another session and make sure it works, then login to the GUI and make sure that works. -- Larry Smith SysAd ECSIS.NET [EMAIL PROTECTED] _______________________________________________ Cobaltfacts site list [email protected] http://list.cobaltfacts.com/mailman/listinfo.cgi/cobaltfacts
