Softpanorama
May the source be with you, but remember the KISS principle ;-)

Contents Bulletin Scripting in shell and Perl Network troubleshooting History Humor

Solaris root password recovery

News Role engineering Recommended books Recommended Links Blueprints Solaris privileges sets How-to
user_attr prof_attr exec_attr auth_attr policy.conf    
Reference   sudo vs RBAC ACLs usage is roles Profile Shells Humor Etc

You need to have physical access to the machine's console.

Note the root partition Solaris uses:

Press the STOP and A keys simultaneously, or, on an ASCII terminal or emulator, send a <BREAK>) to halt the operating system, if it's running.

Boot single-user from CD-ROM (boot cdrom -s) or network install/jumpstart server (boot net -s). For CD media use the CD-ROM labeled "Installation". I prom pssword is set you need to know it

Mount the root partition on "/a". "/a" is an empty mount point that exists at this stage of the installation procedure. For example:

#mount /dev/dsk/c0t0d0s0 /a

If the mount command fails and since "/a" always exists, then you either typed in the wrong device, OR the system is seeing the root partition as something else.

Do a "ls /tmp/dev/dsk" and see what is there. "c0t6" things are the CD-ROM, what is left is what one needs to try. On a Blade 1000/2000,  choose /dev/dsk/c1t1d0s0, and execute: #mount /dev/dsk/c1t1d0s0 /a

Set your terminal type so you can use a full-screen editor, such as vi. You can skip this step if you know how to use "ex" or "vi" from open mode.

Edit the passwd file, /a/etc/shadow (or perhaps in older versions, /etc/passwd) and remove the encrypted password entry for root.

Type: "cd /; then "umount /a"

Reboot as normal in single-user mode ("boot -s"). The root account will not have a password. Give it a new one using the passwd command. PROM passwords: Naturally, you may not want anyone with physical access to the machine to be able to do the above to erase the root password. Suns have a security password mechanism in the PROM which can be set (this is turned off by default). The man page for the eeprom command describes this feature.

If security-mode is set to "command", the machine only be booted without the prom password from the default device (i.e. booting from CD-ROM or install server will require the prom password). Changing the root password in this case requires moving the default device (e.g. the boot disk) to a different SCSI target (or equivalent), and replacing it with a similarly bootable device for which the root password is known. If security-mode is set to full, the machine cannot be booted without the prom password, even from the default device; defeating this requires replacing the NVRAM on the motherboard. "Full" security has its drawbacks -- if, during normal operations, the machine is power-cycled (e.g. by a power outage) or halted (e.g. by STOP-A), it cannot reboot without the intervention of someone who knows the prom password.

 

Recommended Links

Softpanorama Top Visited

Softpanorama Recommended

how do I restablish shells Password recovery under Solaris 8.


1.      Put the installation CD into the CDROM drive and turn the machine on
2.      while booting, press the  Stop  and  A  key simultaneously; the Stop key
is at the top left on Sun Keyboards, or Send a CTRL-BREAK (CTRL-C) to the system if connecting thru the console; serial port.
3.      Either way, you should get {ok} prompt
4.      type  boot cdrom  s  and hit return without the quotes.
5.      The machine will be booting in a single user mode off of the cdrom
6.      When you get the hash prompt #, type cd /tmp and hit Enter
7.      Issue the command  mkdir /mnt  without the quotes and hit Enter. If any
errors, use the  p option; e.g., mkdir  p /tmp/mnt.
8.      Issue the command  mount /dev/dsk/c0t0d0s0 /tmp/mnt  and hit Enter. This will mount the old root / partition which is allows to modify the shadow file.
9.      If any errors with mount, run the command fsck /dev/rdsk/c0t0d0s0  y
without the quotes which should fix the disk problems. Mount using step 8
command.
10.     Issue the command  cd /tmp/mnt/etc and hit enter
11.     Now you should be able to see the shadow file which you can edit or copy from the old version; you saved a copy right?
12.     If you don t have the old password, just make the 2nd field blank
13.     If you need to change the shell, edit password file.
14.     Run fsck on other partitions as well such as /dev/rdsk/c0t0d0s7, etc.
15.     halt and restart the machine, e.g., init 6, or shutdown  g 0 y, or reboot, etc.
You should be able to login as before or just hit the enter for password.

 

Resetting root password

SUMMARY Solaris root password recovery

Solaris, password, secure, Sparc, root

KarKomaOnline - Lost Solaris password

Let's start by inserting the Solaris installation CD-ROM and then shutting down the system. Press...
     Stop-A

This will bring you the OK prompt. Now type:

     boot cdrom -s

and after a few minutes you will automatically be logged in as root in single user mode. It is possible that you get messages from your system claiming that some partitions were not cleanly unmounted. If this is the case check the partition as follows (assuming that your root partition is mounted on /dev/dsk/c0t0d0s0):

     fsck -y /dev/dsk/c0t0d0s0

Now mount your root partition...

     mount /dev/dsk/c0t0d0s0 /a

and edit /a/etc/shadow. Find root's entry in this file and remove the second field (encrypted root password) so it looks like...

     root::98765::::::

After making your change, save the file and reboot the system.

     reboot

You are now able to log into the system without a password for root. So now use the passwd command to set root's password.




Etc

Society

Groupthink : Understanding Micromanagers and Control Freaks : Toxic Managers : BureaucraciesHarvard Mafia : Diplomatic Communication : Surviving a Bad Performance Review : Insufficient Retirement Funds as Immanent Problem of Neoliberal Regime : PseudoScience : Who Rules America : Two Party System as Polyarchy : Neoliberalism  : The Iron Law of Oligarchy : Libertarian Philosophy

Quotes

Skeptical Finance : John Kenneth Galbraith : Keynes : George Carlin : Skeptics : Propaganda  : SE quotes : Language Design and Programming Quotes : Random IT-related quotes : Oscar Wilde : Talleyrand : Somerset Maugham : War and Peace : Marcus Aurelius : Eric Hoffer : Kurt Vonnegut : Otto Von Bismarck : Winston Churchill : Napoleon Bonaparte : Ambrose Bierce : Oscar Wilde : Bernard Shaw : Mark Twain Quotes

Bulletin:

Vol 26, No.1 (January, 2013) Object-Oriented Cult : Vol 25, No.12 (December, 2013) Rational Fools vs. Efficient Crooks: The efficient markets hypothesis : Vol 25, No.08 (August, 2013) Cloud providers as intelligence collection hubs : Vol 23, No.10 (October, 2011) An observation about corporate security departments : Vol 23, No.11 (November, 2011) Softpanorama classification of sysadmin horror stories : Vol 25, No.05 (May, 2013) Corporate bullshit as a communication method : Vol 25, No.10 (October, 2013) Cryptolocker Trojan (Win32/Crilock.A) : Vol 25, No.06 (June, 2013) A Note on the Relationship of Brooks Law and Conway Law

History:

Fifty glorious years (1950-2000): the triumph of the US computer engineering : Donald Knuth : TAoCP and its Influence of Computer Science : Richard Stallman : Linus Torvalds  : Larry Wall  : John K. Ousterhout : CTSS : Multix OS Unix History : Unix shell history : VI editor : History of pipes concept : Solaris : MS DOSProgramming Languages History : PL/1 : Simula 67 : C : History of GCC developmentScripting Languages : Perl history   : OS History : Mail : DNS : SSH : CPU Instruction Sets : SPARC systems 1987-2006 : Norton Commander : Norton Utilities : Norton Ghost : Frontpage history : Malware Defense History : GNU Screen : OSS early history

Classic books:

The Peter Principle : Parkinson Law : 1984 : The Mythical Man-MonthHow to Solve It by George Polya : The Art of Computer Programming : The Elements of Programming Style : The Unix Haterís Handbook : The Jargon file : The True Believer : Programming Pearls : The Good Soldier Svejk : The Power Elite

Most popular humor pages:

Manifest of the Softpanorama IT Slacker Society : Ten Commandments of the IT Slackers Society : Computer Humor Collection : BSD Logo Story : The Cuckoo's Egg : IT Slang : C++ Humor : ARE YOU A BBS ADDICT? : The Perl Purity Test : Object oriented programmers of all nations : Financial Humor : Financial Humor Bulletin, 2008 : Financial Humor Bulletin, 2010 : The Most Comprehensive Collection of Editor-related Humor : Programming Language Humor : Goldman Sachs related humor : Greenspan humor : C Humor : Scripting Humor : Real Programmers Humor : Web Humor : GPL-related Humor : OFM Humor : Politically Incorrect Humor : IDS Humor : "Linux Sucks" Humor : Russian Musical Humor : Best Russian Programmer Humor : Microsoft plans to buy Catholic Church : Richard Stallman Related Humor : Admin Humor : Perl-related Humor : Linus Torvalds Related humor : PseudoScience Related Humor : Networking Humor : Shell Humor : Financial Humor Bulletin, 2011 : Financial Humor Bulletin, 2012 : Financial Humor Bulletin, 2013 : Java Humor : Software Engineering Humor : Sun Solaris Related Humor : Education Humor : IBM Humor : Assembler-related Humor : VIM Humor : Computer Viruses Humor : Bright tomorrow is rescheduled to a day after tomorrow : Classic Computer Humor

 

The Last but not Least


Copyright © 1996-2014 by Dr. Nikolai Bezroukov. www.softpanorama.org was created as a service to the UN Sustainable Development Networking Programme (SDNP) in the author free time. This document is an industrial compilation designed and created exclusively for educational use and is distributed under the Softpanorama Content License. Site uses AdSense so you need to be aware of Google privacy policy. Original materials copyright belong to respective owners. Quotes are made for educational purposes only in compliance with the fair use doctrine. This is a Spartan WHYFF (We Help You For Free) site written by people for whom English is not a native language. Grammar and spelling errors should be expected. The site contain some broken links as it develops like a living tree...

You can use PayPal to make a contribution, supporting hosting of this site with different providers to distribute and speed up access. Currently there are two functional mirrors: softpanorama.info (the fastest) and softpanorama.net.

Disclaimer:

The statements, views and opinions presented on this web page are those of the author and are not endorsed by, nor do they necessarily reflect, the opinions of the author present and former employers, SDNP or any other organization the author may be associated with. We do not warrant the correctness of the information provided or its fitness for any purpose.

Last modified: July 07, 2013