07-18-2012 10:32 AM
I lost root password for my unix server running 11iv2 and its a trusted system. But fortunately i have sudo access to root from my user account.
Will the below steps will work to regain my password (i got it through web and it make sense)
sudo su -
enter your own password here
you must see user id 0, which means you are root.
#cp root backup_root
useradd -m dummy (or any unused username)
give it a password
copy the encrypted string on the password line up to the colon sign (do not include the colon)
delete the password string and paste the copied password string in its place, making sure the length of deleted string and pasted string are the same.
give password for user dummy as old password
select a new password and type twice !
Solved! Go to Solution.
07-18-2012 10:41 AM - edited 07-18-2012 10:43 AM
It's much easier than that. Just edit the /tcb/files/auth/r/root tcb file and change the password line to:
Then login as root and run passwd command to set the new password.
You can also use scp to overwrite the old file with a know password file from another server.
07-18-2012 10:51 AM
I recently implemented this in /etc/default/security for auditing.
and my old password is less than 8 characters and no special characters etc.. I beleive thats why it quits working? Will emptying root password allow me to reset as it needs to go through above variables?
07-18-2012 11:08 AM
I've had settings like that and never had a problem. But of course taking a copy of the tcb file before you start can never hurt. Those configuration setting are normally used by the security files (pam) at login and when changing passwords. I've never heard of these settings invalidating an active account.
07-19-2012 05:22 AM
Dennis, passwd requires the prior root password to be known and entered when the system is set to trusted. When the root password is lost you only have this approach if you have SUDO or RBAC setup, or reboot to single user.
07-19-2012 11:16 AM
I've never seen any difference between /sbin/passwd and /usr/bin/passwd when changing the root password on a trusted system. It has always prompted for "Old password:" from 11iv1 through 11iv3. Have you tried it and seen a different behavior?
07-19-2012 01:45 PM
I just ran '/sbin/passwd root' on HP-UX 10.20, 11.0, 11.11, 11.23 and 11.31 and it asked for the old password on all servers.
I don't remember ever NOT being prompted for the old password, regardless of the passwd program used.