David,

I doubt there's much you're going to be able to do other than reset the password. 'pjones' doesn't look like a valid password hash of any kind so I can't think of a way to crack it even if you wanted to do something like that. Of course I will bow to anybody who has superior knowledge of crypt, etc. as this is not an area with which I have a lot of expertise. From my PoV, essentially what you are trying to do is crack the system at this point and unless you set it up poorly or are incredibly lucky I don't think it's worth the effort to bother, the only advantage you have over a random attacker is knowledge of the (invalid) password hash (and a regular user account to work from).


A couple of thoughts: do you use sudo on this system? (If you don't you should consider it when you've resolved this problem, amongst other excellent features which might aid in remote administration, out of the box it only requires you to know your own password to become root.) Is it possible to get somebody local at your datacentre to drop the system into single user mode and change the password? Do you have any other back doors or accounts that run with elevated privs?

Even if the datacentre folks are not knowledgeable WRT FreeBSD/Unix you could guide them through the steps required pretty trivially ('boot -s; <enter>; passwd'). Of course there are risks in terms of security, but it all depends on your requirements and the criticality of this system, I know I personally wouldn't want to drive for 2 hours to reset a root password unless I really had to. I only mention this because at my workplace we have operators at our corporate datacentre who are non-technical (at least on our platforms) who we can and do occasionally walk through procedures that require local access when we are dealing with emergencies remotely.

Another thought for the future, whenever I do something that might have the potential to lock me out of the root account I make certain I have a second shell open somewhere that I can use to un-fudge whatever I just did and I only sit 7 floors away from most of the servers I'm responsible for and about a 10 minute subway ride from the rest! Don't be too bummed out though, you will probably never do this again... I can't tell you how many commands and utilities I have learned inside out *after* I used them wrong and this one is pretty painless... no data loss!

Sorry I'm not of more help... good luck!

cheers,
Gabriel

--
Gabriel O'Brien
IT Analyst, MPS-EN-CBC.ca
w: 416-205-8740 m: 416-576-0088


David McCord wrote:
Dear list,

I made a error that changed the root password to something unknown.
Experimenting, I intended to change the password of pjones, but instead
changed the root password since I gave no user argument. As root, I said:
chpass -p pjones

I logged out then logged back in as my username, then su'd to root. Would
not accept the old pw, and wouldn't accept pjones. I'm stuck with an
unknown root password.

man chpass tells me the argument provided with -p is the encrypted password
in crypt format, but doesn't provide enough detail to know where to go from
here. I know I can go to the computer and startup in single user and change
the root password. This computer is 2 hour round trip for me, which I'd
like to avoid. Can anyone help?

Thanks,
David

_______________________________________________
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
_______________________________________________
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Reply via email to