How to change forgotten Linux password
Вставка
- Опубліковано 8 лис 2021
- This goes over resetting ANY Linux password and two methods of doing so. .
►► Digital Downloads ➜ www.cttstore.com
►► Reddit ➜ / christitustech
►► Titus Tech Talk ➜ / titustechtalk
►► Twitch ➜ / christitustech - Наука та технологія
It should be noted that if you use LUKS drive encryption... NONE of these methods will work as the information can't be mounted without the encryption key.
Want to reset password in Windows? Here is me using NT Offline password changer: ua-cam.com/video/4MEURdC8o8Y/v-deo.html
👏 Important disclaimer. 👍
Thank you sir!
That's why I have disk encryption.
Good to know that there are backup options for Linux Operating systems (TimeShift) - otherwise I would have to reinstall the entire dodad if I were to bonk the installation.
@@YoureUsingWordsIncorrectly What do you mean very destructive?
There is a third way: If you get into GRUB and go into the edit mode. Then you'd need to go to the line where it says "linux" and go to the far end. Then you add "init=/bin/sh" to it and if you then boot you'll get directly into a shell with root permissions (if the drive isn't encrypted)
I use this often as well, though many times the root partition is ro even if mount reports it as rw. So i usually end up having to do a mount -o rw,remount /
@Aurora How does that reset the root password?
@Aurora I knew
Nice one, I didn't knew that, thanks
Recently used this trick to get into my system after accidentally messing up my fstab. Worked great.
you can also insert the hash of a password into the /etc/shadow file. If you have access to the hard-drive
Many thanks for sharing this Chris, this has been a lifesaver when trying to access some old Linux VMs I have where I lost the password.
One more reason to encrypt your disk/s using luks
Jep... Nothing is better at preventing someone tampering with your OS then encrypting it.
Yep
How do I determine if hard drive is encrypted?
Chris love your videos I have no doubt after I will be using this throughout my infosec career
Nice! Back then, I did something somewhat similar in Windows XP by I think pressing Ctrl + Alt + Delete on the login screen and it went to the old fashioned one where you can manually type in user and password. I did the Administrator account without a password assigned to it and was able to reset stuff in that account normally.
thanks a lot Chris, i was about to reinstall my debian virtual box, and i forgot i could use an arch iso, i forgot once to edit the sudo file on the arch linux config and i booted up the iso to fix it, but it didn't came to my mind i could use the passwd command to reset the password👍
Hey, Chris, you just saved me with single user mode. I didn't need to change a password, but there was something messed up with sddm not having any sessions and not being able to get to a tty because it kept kicking me back to sddm. In this case, after _quiet_ I had to use _init=/bin/bash_ to enter single user mode, but it at least let me disable my sddm service until I can repair it properly.
Awesomeness. Much needed information. And another pro to linux... versatility.
Great content and I didn't think about using an arch ISO. I heard about CHROOTing by a friend who runs arch. Cool stuff.
Great video!
Passwords are just simply entries in a text file and are easy to change. The only problem is that Linux also uses your password to encrypt some things like your keyring/password store, if you use that. This is probably not an issue for root but definitely for regular accounts.
Thank you, Chris. Never happened to me, fortunately.
do you even need to mount the boot partition? I think you only need to chroot to /
I love the the Archlinux-trick. How would that work with LVM. Some distros and most server-distros use LVM nowadays.
Thank you!
Much Mahalo to you for this Linux mint hint.
I tried another YT video, but did not work.
Your vid was next and a BIG MAHALO for your knowledge. I am already a subscriber . Love the
Vids
C0LDST33L Honolulu, Hawaii
I really love your ui how do I get mine looking like that?
Thank you! I was able to reset my password with the 1st way. Do you have a video that shows how to remove the Root User?
I never knew until my senior sysadmin taught me 😃. I was like 🤯
Had to do it for a windows machine using a bootable USB, felt so cool
Awesome!!!
Thanks for this awesome video. Hey can you share that grub theme. its look so cool...
Certainly! Here is an entire video I did on the bootloader themes: ua-cam.com/video/BAyzHP1Cqb0/v-deo.html I even made an open source github project to auto install it on your Linux: github.com/ChrisTitusTech/Top-5-Bootloader-Themes
I was dual booting Windows and Manjaro recently and accidentally wiped the Manjaro bootloader. I used that chroot technique to re-install Grub so I could log back in. I used to think it was pronounced: shuh-root !
great video
I've actually used that second technique on a client computer who forgot their root user password. It's actually a nice hidden secret because with it, you could LITERALLY break into any users system with this technique.
just another reason why i use LUKS
I imagine this can't be done on OpenBSD
@@Bagginsess why not. At least why not the second one? If you can boot a standalone image, what prevents you from mounting the critical file systems and then issuing a chroot command to change your root and run the passwd command?
The same works in Solaris, and even SunOS when it was a BSD based Unix in the early 1990s.
The only way this won't work, as others have mentioned, is if the filesystem or volume is encrypted. But with unencrypted volumes, there is little to prevent someone from booting another instance, say from installation media, mounting the critical file systems of the image you need to get into, issuing a chroot command to change the root directory of the current shell to the newly mounted file system, and then take advantage of your root privileges to set a root password in that mounted file system.
This is likely an approach that is broadly cross distribution. Probably works on most *n?x distributions that have a chroot command.
Hi A little question how do you recommend entering the world of linux and unixI work for two years as a helpdesk in a big company (iscar) and want to promote me and teach me this world of linux
Hi thanks for your videos. Could you please make one on how to incorporate the features one wants from other distros to "mix and match" especially the feature of Mx Linux where one can actually make an image of current system to install on other machines
Is this possible to do with Windows as well? I've had one PC with logged microsoft account where one of my family members forgot the password and we couldn't reset it so I just had to perform a clean reinstall.
This will not work on Windows. There are other methods you can use to change a windows password but they can be difficult depending on the version of Windows you are running.
You could have reset the users password on the Microsoft account online.
With the first method - how do I enter my root password?
I entered single, hit f10, and it it asks to give root password of press control f10. But it won’t allow me input root password.
Any help would be great!
Can you do a video on full disk encryption in ubuntu and on LUKS in general? And also on how much of a performance hit should we expect? Cuz this here screams "insecure"
Thank you very much
First thing came to my mind when I saw the title was arch-chroot :)
When you install Arch you will learn this.
When i was new i used this to fix what ever i occationally bricked hehe.
Was actually one of the things i loved with Arch.
No, I don't know? I've never forgotten my password
@@redrush-hp9li Guess you havnt tried Arch. Its not a matter of forgotten password or not. What is done here is also something you do during the install.
@@Luftbubblan i have used arch for six months and don’t know what you mean the closest thing i had to knowing what you mean was when i installed artix i had to reboot into the live cd because i forgot to set a password so i had to chroot and passwd
@@linuxramblingproductions8554 Yeah, same thing. Nothing fancy to it.
So I have to download arch to do this?
Is this the same for SE Linux systems?
If the drive is not encrypted, yes.
how do i fix it if it does not let me to type in the new password?
really need the answer asap
If my system is encrypted I will not be able to use this method right?
Correct LUKS encrypts the drive so it can't be read.
Yeah was wondering as well, if you have LUKS none of this would work.
Fortunately!
I have tried every which Way but loose and it’s still bring me back to the original screen
it doesnt let me type in the command thing
i forgot my garuda password is there anyway to get into the system? can some one help me please i really need it
my system goes right to enter the password i have forgotten so how do i get to the grub section
sort comments by top comments, there is a comment that says edit the linux line in grub and place init=/bin/sh at the end, and another one i saw was to remount the drive with mount -rw -o remount / once you get to the command line prompt
Happy that I encrypt and won't forget my passphrase.
It doesn’t work on this computer. It’s an SKv satellite, L645D I cannot open it. Please help me.
Thank you so much, saved my ass on my laptop
I did this kind of thing once on my grandmother's old Mac laptop because she forgot her password. I can't for the life of me remember how I found out how to do it on a Mac. It's really strange to think that there's such an easy way to get root access on these platforms without needing more than five minutes of physical access.
Physical access was (and still is) considered something very hard to get. If you have some sensitive storage, you really don't want bad guys anywhere nearby as it's nightmarishly difficult and usually infeasible to cover the entirety of the attack surface in that case. Without disk encryption, the task of stealing data is trivial. With it, there are still things such as the Evil Maid (TPM largely mitigates this one but there's always something more advanced like cold boot attacks...). Point is, the single most important question in security is "which attacks might you reasonably expect, how much they would cost you to defend against and how much a breach would cost you?".
You probably don't have 4 layers of reinforced doors with couple dozen locks, biometrics and whatnot installed at your place. For someone with just a couple of hours of physical access and everyone nearby being completely oblivious to noise and lights it is likely relatively easy to get in. When you look at common solutions in physical asset security, they are almost as bafflingly easy to bypass. Yet they work quite well for most people.
Linux is awesome❤️❤️
From Now, I don't even need to remember my password🥰🥰
what is the sense of this video if i have the root passw?
Can I mount it if my drive is encrypted?
You don't, unless you have the key written down, so you could manually type it in.
Does it matter if Arch Linux is initiated from ISO file, Disc or thumb drive?
I tried entering tab and get select pxe, what does this mean? Entering Live yields could not find kernel image: Live, what does this mean? Mike
How do I determine if the drive is encrypted or not?
I didn't knew the single user mode method, I always do the chroot to do that, but in lubuntu xD
Hmm. I use a livecd, mount the partition, backup /etc/shadow and then just clear the password entered in the file, and then reboot. Downside is you must have physical access to the machine.
Arch chroot, is that different from normal chroot in this context?
No difference. Just that Arch uses arch-chroot for some reason.
@@act.13.41 Arch-chroot does some extra setup for you
@@BrodieRobertson I stand corrected.
that's why encryption is essential 😎
How do I determine if hard drive is encrypted?
My keyboard doesn't work for one of the steps, when I want set ny password
Awesome, I whish I would of know that before I reinstall linux on my parents computer.
What if the drive is encrypted?
typing in your password every 5 seconds, makes linux insecure
Hey bro u can help me with the passphrase?
Neither of my keyboards work.
My laptop keyboard and my external one aren't working :/
I have a Linux box that is all locked up. I tried both these ways from forums I found online. For some reason my boot menu is locked so I wasn’t able to select the arch distro, any thought on that?
Your boot menu comes from the BIOS or UEFI if it is a newer system.
@@act.13.41 agreed, is I was on a pc. I think the trouble I’m having is because I’m using an old iMac. I’ve tried all the common keys to trigger the grub menu, to no avail
@@OctavianTheGr8 What if you don't trigger the GRUB menu and just use a boot CD or DVD? That would allow you to mount the / volume and chroot into it.
Remember that the regular Boot menu is loaded from the BIOS, but the GRUB menu is a separate thing.
@@OctavianTheGr8 By the way, is it running Linux? if so, what distro? I would think that holding down the shift key would make it open the menu.
The fact that these exist terrifies me... because it does mean that there is basically no security against local unauthorised access. The same does apply to Windows, so it's not a Linux specific thing... but it's still a terrifying weakness.
Fde
If I use LVM and encrypt my drive, will it prevent someone from doing this?
Yes.
@@MatthewStinar can someone find a way to crack or bypass my encryption password? It's 22 characters long with symbols, upper and lower case letters and numbers.
@@reallauradee yea sure with a couple hundred years and a supply of supercomputers
Linux Nutzer lachen
Brodie did a video on this last week
HELP! Chris how can I reset my password if the grub menu is hidden? I can get to any sort of boot menu whatsoever. I have been struggling for months and feel like there might be hope after watching this.
I mean... Boot from another image to chroot or amend /etc/shadow
@@Lodinn I found that rather challenging, when the I couldn’t access the boot menu.
@@OctavianTheGr8 So, let me get this clear: you're booting from the image on your drive and get to the password prompt but bypassing grub, yet when you boot from live ISO, you don't get any grub whatsoever (what happens then instead?)
If the issue is with not being able to boot from an external drive, it's a BIOS thing (besides obvious boot priority shenanigans, it could be disabled explicitly or secure boot might be interfering with stuff).
@@Lodinn partly correct. I am able to load the OS from the internal drive. I set it up to automatically login (which I guess is why I forgot my password). When I attempt to get into the boot menu, grub menu, secure boot, literally anything other than booting straight into the installed os I get nothing. No trigger Keys worked I tried ecs, shift, command r and s, every F-key.
I quit trying on this machine 6 months ago and pulled it out of the closet after watching this video. I had no new found luck. I ended up pulling the drive and sticking it into another machine. I was able to run a live usb with POPos and formatted the drive. I then rebuilt my iMac with the freshly formatted drive and the live usb. It then found the live usb without trouble and booted automatically. I still didn’t get to select the boot menu, but I was able to do a fresh install and it’s working fine.
@@OctavianTheGr8 If the disk is encrypted and you've set it up with zero GRUB_TIMEOUT or locked out editing grub entries, well, it's more secure now - from yourself as well. If the disk is not encrypted, the second option shown in the video would be the way out: you boot into a live usb and instead of formatting the drive, mount it and chroot there. Alternatively, carve out the password from /etc/shadow on that drive by deleting everything between the first and second semicolons (so it'd look like username::10132:0:66669:7::: instead of username:(salted hash):10132:0:66669:7:::).
I've just always edited /etc/shadow, but using chroot is safer and easier.
And that is why you want your laptop encrypted! 🤣
I literally just did this for a family member's Windows machine. This is a hauntingly similar process.
Can you point me in the right direction? I'm quite curious as I wasn't able to do it with Microsoft account logged in.
@@adfjasjhf The video I followed was called "Reset Windows 10 Password with USB [Tutorial]" by MDTechVideos. But that video was for an offline account.
Im having a vibe on the "single"
Would we not want our user account to be secure from password being reset by anyone in the first place? I'd appreciate a video how to remove these options next if possible. Thanks Chris!
@@alex_schwartz appreciate the reply an useful information!
Please explain me if it's so damn easy to changre root passwd, why linux is considered a really secure OS? I'm really interested, and not trolling anyone. Thanks!
Linux is secure against remote access but theres nothing you can really do to prevent this kinda thing unless you encrypt the drive the exact same attack works on windows
The way did not chance in like 20 years
Boot from a whatever iso, mount, chroot, change!
LUKS !
today is my 4th day looking for how to bypass i guess the default grub password to be able to reset my root password huge problem nd running out of time
Why us your screen is too complicated?
Change ro to rw and quiet to init=/bin/bash and ctrl x and you get root. Do passwd root.
Could you provide a little more detail on this?
Thats why we should keep arch iso incase something happened!
It saved my butt so many dang times. Well, garuda-chroot did, but a fork is a fork.
It's easy, I just don't use passwords and everything I have is auto login, and for the root PW I write it down..
Tutor about how to customize Debian like you
Now i feel like mr robot
Legit thumbnail 😎🤘
If none of those work..do I just throw the dam thing in the trash..cuz I've tried everything
sort comments by top comments, there is one that says edit the linux line and place init=/bin/sh at the end, and another one i saw was to remount the drive with mount -rw -o remount / once you get to the command line prompt
This is why I carry a USB jump drive in my wallet that contains a live ISO...
The thumbnail says: Come with me if you want to Linux.
How isn't this a security vulnerability too?
Because it requires physical access to a device and manual input on a keyboard. On windows you can do it pretty easily too
@@abdulararak4672 I'd still call it vulnerability, cause cold boot attack is possible, unless there is an option to prevent this problem.
This is a big vulnerability. With that in mind, in a corporate environment, you need physical access to a machine so getting around physical security is an obstacle. As for the rest, you can protect GRUB with a password, so you can boot the system normally but need to enter a password to edit the boot entry. There is "whole disk" encryption that could be used to prevent anyone from accessing the drive without the proper password/key file. If someone does gain access and just resets the root password, utilities like OpenLDAP could be used to reset it on boot once the network is initialized.
Oh, and with grub password protected, you could also lock the BIOS with a password to prevent someone using the boot menu to boot a USB or CD on most computers.
any pc is vulnerable with physical access, if you want to steal data from windows all you have to do is load up a linux usb flashdrive and mount the disk, it's the same thing with linux, but with extra steps
Yup, this is why full disk encryption is so important. If your drive isn't encrypted it isn't secure _in any way_ . You can lock things down by disabling grub options or disabling root but if anyone can pop your drive in another machine (or boot from a live cd/usb) and just mount your volumes it is all a waste of time. Full disk encryption or go home my friends :)
At least encrypt the memes partition.
Exactly home computers are really the only place you can safely not use fde
How can I determine if the hard drive is encrypted?
@@RalphHerran easiest way to tell is does it force you to enter a password in order to even boot to the login screen? If no then it probably isn’t encrypted. If yes then it most likely is encrypted. Usually this means having to enter two passwords; one for the drive encryption and then one to login to your user account.
It’s possible with Windows or OPAL drive that the drive is encrypted and it’s using the TPM to unlock but that is very uncommon with Linux installs.
HACER MODE ON
The wallpaper makes me uncomfortable.
Man at step ONE YOU LOST ME WITH NO DAM DIRECTIONS!
everything thing i do shows PASSWORD FOR TIM....nothing f#$%ing works. any other videos show how to change passwords or this computer is going over the balcony? Many thanks
Chris I need help with my ArchTitus I dm you on twitter and sent a picture if you could answer when you can thanks
God bless your heart Mr. Titus. the Roblox community...ahahahha thanks bro!
*Does that mean its some legit hacking!!??*
*If so how do we avoid that??*
Wow I never knew this. So basically you can hack any Linux install if you have usb access ... with zero malicious software.
NO... This drive was not encrypted, and most people/ severs encrypt their devices.
@@hammerheadcorvette4 good to know. A very good reason to encrypt your drive.
I got something for ya I heard the other day.
Do you know why astronauts use Linux?
no?
It is lethal to open Windows in space!
:-D
Sadly, they sometimes use Windows too and that's a whole clown fiesta to use it legally in space :^)
@@Lodinn It blows my mind that there still are people trying to make something serious on a joke! Just laugh about it, I could not care less what os astronauts use! Face palm on this!!!
@@MrAffeman Evidently, we have very different ideas about having fun ;p
@@Lodinn Ok, HOW was your comment funny? Clown fiesta?
One more reason take keyboard with you.
Knew you'll chroot 🙃