Resetting “root” Password On A Linux System Using Clonezilla

Clonezilla is a free imaging tool. That already rocks in itself. However, Clonezilla is based on a mini linux kernel (Debian based) which features shell access among many other things.

(Clonezilla official site)

Plus, as an imaging tool, a variety of raid card drivers and hard drive drivers are included. What this means: Clonezilla is an AWESOME recovery tool as well.

Here we do a simple task with Clonezilla: reset root password on a linux system!

Got Root?


Clonezilla is awesome. I have used it for many a sysadmin-y recovery task and hope that this is the first of at least a few tutorials on using Clonezilla for awesomeness.


Sponsored Links




Sponsored Links



Full comments/commentary/screenshots below!

Video Demo: Enjoy!

Screenshots and Commentary!

  1. Enter Shell for Clonezilla

    Reset Root Password Pic 01

  2. Choose Option (2) to “Enter command line prompt”

    Reset Root Password Pic 02

  3. Run fdisk -l to see all disks. In my case, then fdisk -l | grep “/dev/sd”. I can see three “Linux” formatted partitions on /dev/sda which is likely my OS disk. Then three other disks which are “Linux LVM” format, likely data filesystems that are LVM format

    Reset Root Password Pic 03

  4. fdisk -l /dev/sda lets you see that this is likely the OS disk (notice the swap partition).

    Reset Root Password Pic 04

  5. mount /dev/sda2 /mnt. /dev/sda2 are/dev/sda3 are candidates for being the partition I am looking for, with /dev/sda2 being the likely correct filesystem. So here we mount it to /mnt.

    Reset Root Password Pic 05

  6. cd /mnt, ls shows us this is the OS disk. From here we can see the existence of the OS /etc/passwd (currently /mnt/etc/passwd) and /etc/shadow (currently /mnt/etc/shadow) files as well.

    Reset Root Password Pic 06

  7. more /mnt/etc/shadow. Taking a peek

    Reset Root Password Pic 07

    Here’s the plan:

    We are currently booted up into a Clonezilla kernel, with its own /etc/passwd and /etc/shadow files. Remember the OS we are trying to reset the root password for is in /mnt/etc/passwd and /mnt/etc/shadow.

    We are going to change the password for a Clonezilla user to a password we know. The encrypted form of that password will show up in Clonezilla’s /etc/shadow file. We will copy that encrypted password to our OS /etc/shadow (currently /mnt/etc/shadow) and copy that to root’s entry.

    And that’s that!

    Going on..

  8. cp -p /mnt/etc/shadow /mnt/etc/shadow.YYYYMMDD. IMPORTANT: CREATE A BACKUP! And make sure to create it in /mnt (the actual OS disk) and not in the Clonezilla mini kernel.

    Reset Root Password Pic 08

  9. cd /etc, more passwd. Now we are going to look at the Clonezilla passwd file and NOT the OS passwd file. Reason being we are going to change the password on a Clonezilla user. I am checking the passwd files for a list of users. The user “user” is a good candidate to use.

    Reset Root Password Pic 09

  10. grep user /etc/shadow, passwd user, grep user /etc/shadow. Here we change the password for the Clonezilla kernel “user”. We are checking the /etc/shadow file to make sure the password changed.

    Reset Root Password Pic 10

  11. grep user /etc/shadow >> /mnt/etc/shadow will copy the Clonezilla user “user” entry to our OS shadow file. IMPORTANT: Remember to use TWO “>>” and not ONE “>” so you append, not overwrite. (But in case you do overwrite, that’s why we made the backup copy) :D

    Reset Root Password Pic 11

  12. vi /mnt/etc/shadow. Here you will see at the bottom the entry for “user”.

    Reset Root Password Pic 12

  13. Move the “user” entry next to the “root” entry. More for organizational sake and less confusion for the next person who looks in this file.

    Reset Root Password Pic 13

  14. Rename “root” to “root1″, Rename “user” to “root”. This way we keep a backup of the previous “root” password (just in case we need it!) and have labeled it as the password for a non-existent user “root1″. Then by renaming “user” to “root” we now know the “root” password for the OS.

    Reset Root Password Pic 14

  15. After saving file, cd /, umount /mnt, exit, exit. We are done, basically exiting out now.

    Reset Root Password Pic 15

  16. Enter_shell, (1) Reboot. Clonezilla makes you jump a few more hoops. After you exit the shell, it takes you back to the first “Start Clonezilla” screen. From here go back to the shell then choose the reboot option

    Reset Root Password Pic 16

SUCCESS! DONE! Have fun, play around, good luck!

 
 

, Geek, Linux

One thought on “Resetting “root” Password On A Linux System Using Clonezilla

  1. Hey, I recently had a similar issue. Servers with an unknown root and a password locked grub. I though I’d share this tip to simplify your process.

    run:
    chroot /mnt/ passwd

    That will reset the root password on the mounted linux. You have to make sure you don’t mix and match x64 and x86 for the boot disk and mounted linux.

Leave a Comment

Your email address will not be published. Required fields are marked *

Spam protection by WP Captcha-Free