Using chroot to Recover root Passwords

Using chroot to Recover root Passwords

Introduction

The problem: there's a system that's been collecting dust on my shelf for some time now. I've come to realize, unfortunately, that I no longer remember the password for this machine. Rather than reinstall the system, I used an much easier method utilizing chroot.

The easiest way to achieve this purpose is with the use of a LiveCD.

Selecting a LiveCD

There's no need for a LiveCD with a graphical interface, or a full package selection. All that's needed is a shell, and chroot's dependencies.

In my preference, I've selected Gentoo's 2008.0_beta2 LiveCD. Despite being a beta, the shell and utilities work without an issue and I'll get one of the latest kernels, 2.6.24.

chroot

Once the LiveCD has loaded, my first order of business was to mount the system in question's filesystems. This includes mounting the root filesystem where passwords are stored, and mounting dev and proc to this filesystem.

livecd gentoo / # mount /dev/sda1 /mnt/gentoo
livecd gentoo / # mount -t proc none /mnt/gentoo/proc
livecd gentoo / # mount -o bind /dev /mnt/gentoo/dev

With that complete, I'm ready to chroot in to the filesystem and change the password. Keep in mind that with many distributions, you must specify what shell you wish to use. In my case, I use bash, which resides in /bin.

livecd gentoo / # chroot /mnt/gentoo /bin/bash

As I'm running Gentoo on the host system as well, I'll also need to update the environment and profile.

livecd / # env-update && source /etc/profile

Now that the chroot is complete, I'm free to change the password.

livecd / # passwd

And there it is. I've successfully changed the system's password so I'm once again able to log in to the machine. All that's left to do is exit the chroot environment and reboot the machine.

livecd / # exit
livecd / # cd /mnt
livecd mnt / # umount gentoo/proc/ gentoo/dev/ gentoo/
livecd mnt / # reboot

Conclusion

Utilizing a Linux LiveCD, it's simple to "rescue" a given Linux box that has had it's root password changed or forgotten. Of course, this also creates a security risk in business-critical machines. If an employee were to use this on a business server to gain root access, the business would be in some form of trouble (provided the IT Department doesn't know what they're doing).

Regardless of this, LiveCDs with chroot provide excellent personal tools for setting new root passwords when a password is forgotten. Some other options aside from Gentoo's are: Ubuntu, Knoppix, and openSUSE.