1. Forum
  2. Usenet
  3. LINUX.DEBIAN.USER

  • Re: Lost password need help!

    From eben@gmx.us@21:1/5 to The David on Fri Nov 22 18:50:01 2024
    On 11/22/24 11:56, The David wrote:
    We have been using the debian 3.2.0-4-686-pae for our company. We are moving to another state and we forgot the password. Is there anyway to recover this without losing data? Thank you.

    Boot off rescue media, mount the victim's / partition somewhere, then edit <mount_point>/etc/shadow to change the second field (deliminated by colons)
    to the null string. An asterisk means "this user cannot log in", so not
    that. Then sync, unmount, and reboot. The first two steps may be implied
    in the third, but it won't hurt if they're done explicitly.

    So no, you can't recover it easily (the encryption is one way), but you can reset it.

    --
    How often have I said to you that when you
    have eliminated the impossible, whatever remains,
    however improbable, must be the truth?
    -- Arthur C. Doyle as Sherlock Holmes in "The Sign of the Four"

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From tomas@tuxteam.de@21:1/5 to The David on Fri Nov 22 19:10:01 2024
    On Fri, Nov 22, 2024 at 04:56:23PM +0000, The David wrote:
    We have been using the debian 3.2.0-4-686-pae for our company. We are moving to another state and we forgot the password. Is there anyway to recover this without losing data? Thank you.

    Which password?

    If it is some user's or root's password, there are several ways
    1. add "init=/bin/sh" to your GRUB kernel command line
    2. take out your disk and mount it in another system
    3. boot a rescue system (e.g. your Debian installer in rescue
    mode), mount your disk

    If you are a beginner, option 3 seems the easiest. In all three
    cases, you want to edit your /etc/passwd to remove the password.
    Then you can log in without password. Don't forget to set a new
    one!

    If it is a disk encryption password, things are much more difficult
    to impossible.

    Just ask if you need more details.

    Cheers
    --
    tomás

    -----BEGIN PGP SIGNATURE-----

    iF0EABECAB0WIQRp53liolZD6iXhAoIFyCz1etHaRgUCZ0DISwAKCRAFyCz1etHa RgUFAJ9+D/cS65Iso7gQ7tw3HmcO2bzKGQCfbf+Nl3nQBfe4MnKgwQjkuDLf4VU=
    =I+NO
    -----END PGP SIGNATURE-----

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Dan Ritter@21:1/5 to eben@gmx.us on Fri Nov 22 19:20:01 2024
    eben@gmx.us wrote:
    On 11/22/24 11:56, The David wrote:
    We have been using the debian 3.2.0-4-686-pae for our company. We are moving to another state and we forgot the password. Is there anyway to recover this without losing data? Thank you.

    Boot off rescue media, mount the victim's / partition somewhere, then edit <mount_point>/etc/shadow to change the second field (deliminated by colons) to the null string. An asterisk means "this user cannot log in", so not that. Then sync, unmount, and reboot. The first two steps may be implied
    in the third, but it won't hurt if they're done explicitly.

    So no, you can't recover it easily (the encryption is one way), but you can reset it.

    If it isn't encrypted:

    Boot. Pause the boot on the bootloader, and add to the kernel
    command line:

    init=/bin/bash

    Let it continue booting.

    When it gives you a shell, mount the root partition read/write:

    mount -o remount,rw /

    Change the root password:

    passwd

    sync

    reboot

    You now know the root password, and after logging in as root can
    change any other user's password.

    -dsr-

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Michael =?utf-8?B?S2rDtnJsaW5n?=@21:1/5 to All on Fri Nov 22 19:20:01 2024
    On 22 Nov 2024 12:40 -0500, from eben@gmx.us:
    We have been using the debian 3.2.0-4-686-pae for our company. We
    are moving to another state and we forgot the password. Is there
    anyway to recover this without losing data? Thank you.

    Boot off rescue media, mount the victim's / partition somewhere, then edit <mount_point>/etc/shadow to change the second field (deliminated by colons) to the null string.

    That, of course, assumes that what's being talked about is a user
    account password.

    If what you are talking about is instead a LUKS passphrase, then a
    very different piece of advice applies: DO NOT REBOOT THE SYSTEM UNDER
    ANY CIRCUMSTANCES.

    _Given root_, the volume key can be extracted on a running system
    where the container is unlocked and either used directly or to create
    a corresponding LUKS header with a known passphrase; but once the
    container is locked (either by luksClose, or by rebooting), that
    possibility is lost and the data becomes inaccessible without a valid
    container passphrase.

    So: _exactly_ which "password" are you referring to?

    --
    Michael Kjörling
    🔗 https://michael.kjorling.se

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Frank Guthausen@21:1/5 to The David on Fri Nov 22 19:20:01 2024
    On Fri, 22 Nov 2024 16:56:23 +0000
    The David <thedavid86@hotmail.com> wrote:

    We have been using the debian 3.2.0-4-686-pae for our company. We are
    moving to another state and we forgot the password. Is there anyway
    to recover this without losing data? Thank you.

    You can boot the machine with a live system, mount the filesystem to
    /mnt and chroot into it, then set a new password with ``passwd''. HTH

    kind regards
    Frank

    -----BEGIN PGP SIGNATURE-----

    iQGzBAEBCgAdFiEE86z15c6qwvuAkhy+zDIN/uu9BloFAmdAxC4ACgkQzDIN/uu9 Blrpvwv+McQtEv8iRGzmtOVdU5fqB3WHSe7hM/j9wDrUbhkv9CyEFEM5PMZgatLD l6mVJa2Q/Fdv3ncXMsaBFSnLUSu4jknEsO8y08MAnUkYtV36AnuUL6nTD3CnKbpP DTq+2fJV+2ve4FKyPGCtRSVwk1EvSLGEatktOE+jnhD0Mw0b8MqoJf+cHpBC/asO 6XrrPfX3kyBMxQkKApqyTZKURsMUKAvg9PFCkPASOXgZss2I/JHg7EJdnR6C0CQM 4thp2yd5xYYoLSDjkowbP9aFbB1C49ZJQS57OZsRgTKEWvJn5+X1bi4spmFgBO39 axy7h+qJrV0VIIV86K46aUarXwczAt+JDzQgZ94NL7VpJR1gBSqEjgfR92HwY0ZS s5KNLZKWTtOOKVQrbhh2JBETqAVQkxCrnFZW8HjIUdCGTwNnj76xALFCOguNGdQK r1X8BXuP78yvopv9D+AG8TA0FdLavYZdDGIlTYJj9YkSjE8UGBZqZsz0YsKe6EWS
    lgYqcOdH
    =i9j4
    -----END PGP SIGNATURE-----

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Andy Smith@21:1/5 to The David on Fri Nov 22 19:40:01 2024
    Hi,

    While people here can and will attempt to talk you through resolving
    your problem…

    On Fri, Nov 22, 2024 at 04:56:23PM +0000, The David wrote:
    We have been using the debian 3.2.0-4-686-pae for our company

    This is an ancient kernel version and 32-bit (as denoted by 686-pae) is
    also inadvisable. The next stable release of Debian (coming next year)
    will not have 32-bit kernel or installer so you're going to need to
    switch in the near future anyway to keep up to date.

    We are moving to another state and we forgot the password. Is there
    anyway to recover this without losing data?

    If you're running a business that needs this computer and have no one
    on-site who can sort out a forgotten password I think you need paid
    help. With the best will in the world from unpaid volunteers such as us,
    that's not a way to run a business.

    You might like to try to find assistance through the Debian consultants
    page and/or mailing list:

    https://www.debian.org/consultants/
    https://lists.debian.org/debian-consultants/

    Thanks,
    Andy

    --
    https://bitfolk.com/ -- No-nonsense VPS hosting

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Michael Paoli@21:1/5 to thedavid86@hotmail.com on Fri Nov 22 23:50:01 2024
    On Fri, Nov 22, 2024 at 9:27 AM The David <thedavid86@hotmail.com> wrote:
    We have been using the debian 3.2.0-4-686-pae for our company. We are moving to another state and we forgot the password. Is there anyway to recover this without losing data? Thank you.

    Yikes! That kernel goes back to Debian 7 - released 2013-05-04 https://lists.debian.org/debian-announce/2013/msg00002.html
    EOL 2016-04-25, EOL LTS 2018-05-31, EOL ELTS ~2020-06-30 https://wiki.debian.org/DebianReleases

    And no, you can't recover password(s), but you can reset.
    If it's password of non-root user, reset it via root account, e.g.:
    # passwd name_of_user_login_to_reset
    If it's root password, can boot to single user mode or maintenance
    mode or the like,
    for Debian 7, default init was still sysv, so can boot to single user
    mode by passing additional kernel parameter of S (or s)
    if that doesn't prompt you for password, should be good at that point,
    mount the filesystems, e.g.:
    # mount -a
    Make sure root (/) filesystem is mounted rw, if it's still mounted ro,
    then to remount it rw:
    # mount -o remount,rw /
    And then change the root password:
    # passwd
    If that boot to single user mode insists upon root password,
    or if you're using systemd init system, can instead of parameter of S
    (or s) at boot,
    pass additional parameter of:
    init=/bin/sh
    That will get you root shell without needing to enter password.
    You'll then need to mount the relevant filesystem(s), and rw as applicable, chroot into such, and then likewise reset password with the passwd
    command run as root.
    If you're being kept out by a GRUB password you don't know,
    can boot off ISO or network, e.g. recovery or install environment,
    and use that similar to the above to mount and access the target filesystem(s), generally use chroot to get into them, and then as root the passwd
    command to reset password(s).

    If the password you lost is for LUKS encryption, you're screwed -
    restore from backup(s). Only possible exception on that
    might be if the host is still up and running and hasn't been rebooted
    and you have access to root shell,
    or if the password happens to be so weak you can find it via brute
    force attempts at it.

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)