Re: chpass -p dilema

2006-11-19 Thread Gabriel O'Brien

David,

I doubt there's much you're going to be able to do other than reset the 
password.  'pjones' doesn't look like a valid password hash of any kind 
so I can't think of a way to crack it even if you wanted to do something 
like that.  Of course I will bow to anybody who has superior knowledge 
of crypt, etc. as this is not an area with which I have a lot of 
expertise. From my PoV, essentially what you are trying to do is crack 
the system at this point and unless you set it up poorly or are 
incredibly lucky I don't think it's worth the effort to bother, the only 
advantage you have over a random attacker is knowledge of the (invalid) 
password hash (and a regular user account to work from).


A couple of thoughts: do you use sudo on this system?  (If you don't you 
should consider it when you've resolved this problem, amongst other 
excellent features which might aid in remote administration, out of the 
box it only requires you to know your own password to become root.)  Is 
it possible to get somebody local at your datacentre to drop the system 
into single user mode and change the password?  Do you have any other 
back doors or accounts that run with elevated privs?


Even if the datacentre folks are not knowledgeable WRT FreeBSD/Unix you 
could guide them through the steps required pretty trivially ('boot -s; 
enter; passwd').  Of course there are risks in terms of security, but 
it all depends on your requirements and the criticality of this system, 
I know I personally wouldn't want to drive for 2 hours to reset a root 
password unless I really had to. I only mention this because at my 
workplace we have operators at our corporate datacentre who are 
non-technical (at least on our platforms) who we can and do occasionally 
walk through procedures that require local access when we are dealing 
with emergencies remotely.


Another thought for the future, whenever I do something that might have 
the potential to lock me out of the root account I make certain I have a 
second shell open somewhere that I can use to un-fudge whatever I just 
did and I only sit 7 floors away from most of the servers I'm 
responsible for and about a 10 minute subway ride from the rest!  Don't 
be too bummed out though, you will probably never do this again... I 
can't tell you how many commands and utilities I have learned inside out 
*after* I used them wrong and this one is pretty painless... no data loss!


Sorry I'm not of more help... good luck!

cheers,
Gabriel

--
Gabriel O'Brien
IT Analyst, MPS-EN-CBC.ca
w: 416-205-8740 m: 416-576-0088


David McCord wrote:

Dear list,

I made an error that changed the root password to something unknown.
Experimenting, I intended to change the password of pjones, but instead
changed the root password since I gave no user argument. As root, I said:
chpass -p pjones

I logged out then logged back in as my username, then su'd to root. Would
not accept the old pw, and wouldn't accept pjones. I'm stuck with an
unknown root password.

man chpass tells me the argument provided with -p is the encrypted password
in crypt format, but doesn't provide enough detail to know where to go from
here. I know I can go to the computer and startup in single user and change
the root password. This computer is 2 hour round trip for me, which I'd
like to avoid. Can anyone help?

Thanks,
David

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]
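
The observation in the reply above, that 'pjones' does not have the shape of any crypt-format hash, can be checked mechanically before a string is handed to chpass -p. This is an added example, not part of the original thread or of FreeBSD; crypt_format and matches are hypothetical helper names, the sample strings are constructed, and the set of layouts covered (DES, extended DES, MD5, Blowfish, SHA-256, SHA-512) is an assumption about which schemes the system accepts.

```shell
#!/bin/sh
# Added example: structural check of a string before it is given to `chpass -p`.
# crypt_format and matches are hypothetical helper names, not FreeBSD tools.
# A match means the string has the shape of a crypt(3) hash; it does not mean
# anyone knows the password behind it.

B='[./0-9A-Za-z]'   # the crypt base-64 alphabet
NL='
'

# True when string $1 matches extended regular expression $2.
matches() { printf '%s\n' "$1" | grep -Eq -- "$2"; }

# Prints the recognised scheme and returns 0, or prints "invalid" and returns 1.
crypt_format() {
    # A hash field is a single line; reject embedded newlines outright.
    case $1 in *"$NL"*) echo invalid; return 1 ;; esac

    if   matches "$1" '^\$1\$'"$B"'{1,8}\$'"$B"'{22}$'; then
        echo md5
    elif matches "$1" '^\$2[abxy]?\$[0-9]{2}\$'"$B"'{53}$'; then
        echo blowfish
    elif matches "$1" '^\$5\$(rounds=[0-9]+\$)?'"$B"'{1,16}\$'"$B"'{43}$'; then
        echo sha256
    elif matches "$1" '^\$6\$(rounds=[0-9]+\$)?'"$B"'{1,16}\$'"$B"'{86}$'; then
        echo sha512
    elif matches "$1" '^_'"$B"'{19}$'; then
        echo des-extended
    elif matches "$1" '^'"$B"'{13}$'; then
        echo des
    else
        # Plain words, "*" and empty strings end up here: stored as a hash,
        # such a value matches no password, which is the lock-out in this thread.
        echo invalid
        return 1
    fi
}

# Constructed sample inputs (hash-shaped strings, not hashes of any real account).
for s in 'pjones' '$1$abcdefgh$0123456789ABCDEFGHIJKL' 'abJnggxhB/yWI' '*'; do
    printf '%-40s %s\n' "$s" "$(crypt_format "$s" || true)"
done
```
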



RE: chpass -p dilema

2006-11-19 Thread Wood, Russell
 forgot root password

Are you able to login to Single User Mode? On a vanilla installation it
doesn't ask for the root password, so you should be able to mount the
system and run chpass again.

Regards,
Russell Wood

