Tuesday, May 14, 2013

solaris 8 root passwd reset

i have no idea where this came from. i was grepping on my system for some hints. and this appeared. apparently i had to reset a sol8 root password in 2005. and now i have to do it again...

reset unknown root password
solaris 8

follow these steps you will have to use a new password though.

You need to have physical access to the machine's console.

Note the root partition; Solaris 8 uses /dev/dsk/c0t0d0s0 on the Ultra5/10
and Blade 100, /dev/dsk/c0t1d0s0 for Blade 1000.

Press the STOP and A keys simultaneously, or, on an ASCII terminal or
emulator, send a ) to halt the operating system, if it's running.

Boot single-user from CD-ROM (boot cdrom -s) or network install/jumpstart
server (boot net -s). For Solaris 8 use the CD-ROM labeled "Installation".
(If it asks you for a prom password, see below.)

Mount the root partition on "/a". "/a" is an empty mount point that exists
at this stage of the installation procedure. For example: #mount
/dev/dsk/c0t0d0s0 /a

If the mount command fails and since "/a" always exists, then you either
typed in the wrong device, OR the system is seeing the root partition as
something else. Do a "ls /tmp/dev/dsk" and see what is there. "c0t6" things
are the CD-ROM, what is left is what one needs to try. On a Blade 1000/2000,
choose /dev/dsk/c1t1d0s0, and execute: #mount /dev/dsk/c1t1d0s0 /a

Set your terminal type so you can use a full-screen editor, such as vi. You
can skip this step if you know how to use "ex" or "vi" from open mode. If
you're on a sun console, type "TERM=sun; export TERM"; If you are using an
ascii terminal or terminal emulator on a PC for your console, set TERM to
the terminal type for example: TERM=vt100; export TERM.

Edit the passwd file, /a/etc/shadow (or perhaps in older versions,
/etc/passwd) and remove the encrypted password entry for root.

Type: "cd /; then "umount /a"

Reboot as normal in single-user mode ("boot -s"). The root account will not
have a password. Give it a new one using the passwd command.

PROM passwords: Naturally, you may not want anyone with physical access to
the machine to be able to do the above to erase the root password. Suns have
a security password mechanism in the PROM which can be set (this is turned
off by default). The man page for the eeprom command describes this feature.
If security-mode is set to "command", the machine only be booted without the
prom password from the default device (i.e. booting from CD-ROM or install
server will require the prom password). Changing the root password in this
case requires moving the default device (e.g. the boot disk) to a different
SCSI target (or equivalent), and replacing it with a similarly bootable
device for which the root password is known. If security-mode is set to
full, the machine cannot be booted without the prom password, even from the
default device; defeating this requires replacing the NVRAM on the
motherboard. "Full" security has its drawbacks -- if, during normal
operations, the machine is power-cycled (e.g. by a power outage) or halted
(e.g. by STOP-A), it cannot reboot without the intervention of someone who
knows the prom password

....

Let's start by inserting the Solaris installation CD-ROM and then 
shutting down the system. Press...

     Stop-A

This will bring you the OK prompt. Now type:

     boot cdrom -s

and after a few minutes you will automatically be logged in as root in 
single user mode. It is possible that you get messages from your system 
claiming that some partitions were not cleanly unmounted. If this is the case 
check the partition as follows (assuming that your root partition 
is mounted on /dev/dsk/c0t0d0s0):

     fsck -y /dev/dsk/c0t0d0s0

Now mount your root partition...

     mount /dev/dsk/c0t0d0s0 /a

and edit /a/etc/shadow. Find root's entry in this file and remove the 
second field (encrypted root password) so it looks like...

     root::98765::::::

After making your change, save the file and reboot the system.
Post a Comment