Recover credentials root

shakaxl

New Member
Joined
Apr 13, 2021
Messages
18
Reaction score
3
Credits
179
Hi dead friends

Can someone help me or have some suggestion to recover the root pass of Redhat Server?

I tried boot from console and edit the grub boot but It appears is with the grub password too.

Some alternatives to break and recover?

WhatsApp Image 2021-10-07 at 13.42.17.jpeg


WhatsApp Image 2021-10-07 at 13.42.17 (1).jpeg


Thanks you so much!
 


Boot from the installation media and chroot into your installation to reset the root password.
 
@f33dm3bits has a valid solution, I'm just adding this for snark (although you may find some options easier than chroot'ing). Anyway, this is why sudo is so insecure:

1. Are you a member of the "wheel" group (how very BSD of RHEL)? If you are or don't know, login as a normal user and run any of these:
a) sudo su then passwd and enter a new password.
b) sudo -i and passwd and enter a new password.
c) sudo passwd root
2. Using a LiveCD boot, mount your OS partition and edit /etc/sudoers (with nano or vi) and add:
Code:
<your username> ALL=(ALL) ALL
%<your primary usergroup> ALL=(ALL) ALL
and save. Now you can sudo when you reboot and follow step 1. Note, your primary group is by default your username.

And that, folks, is why sudo is a trade-off. Note that chroot'ing or flat out editing the sudoers file will not work if the partition is encrypted and you forgot the password.
 
@Fanboi With RHEL installation media it's fairly easy to chroot into your system to reset the password from there, about the same amount of effort as your #2 solution ;). I replied with that solution as I am assuming OP has already tried all their other options sudo included if they had that available to their user. As when running RHEL one is to expect that they have at least a basic idea of what they are doing.
 
Last edited:
I know, the Install/Live CD works for any distro.
I was mainly being snarky about sudo, mate. The kinda user who'd ask this is likely new and likely doesn't know the sudo exploit (actually, TBH, most Linux users don't). That's why I added step #2, because yours only recovers root, mine actually exploits the system surreptitiously: you don't need to change root's password to gain full sudo privilege, thus, your sysadmin, unless particularly astute, won't know you can do whatever you want ;^)
Like I said, just me being snarky about sudo, no hijack or off-topic intended.
 
Hello @f33dm3bits @Fanboi

Perform the steps first to recover the boot password that protects the boot / grub successfully.

After that I did the root password recovery, I managed to enter successfully, I was happy.

After 1 hour I am surprised that I can no longer enter, I have done the same procedure again, which I share but still I get the wrong login, could you help me what could be happening? I'm desperate.

1637710266020.png


1637710275571.png


1637710297245.png


I typied a easy password like "cisco"

1637710356351.png


I can´t enter, It's incredible, please can you help me?

Thanks
 
Hi everyone

Thank fot you support, I recovered the password of my redhat server.

The unique peculiar thing is that I had select the 2 option = 7.4 Maipo

When I selected the first option 7.4, I couldn't do it
 
That is strange it shouldn't make a difference, also something you should do when resetting the root password from rescue mode before your reboot.
Code:
touch /.autorelabel
Then your system will automatically be relabeled by selinux which is needed after resetting the root password.
 

Staff online

Members online


Top