Hi Unix Gurus, I thank all for the help. I've forgotten the root password; how can I recover? You need to have access to the machine's console. 1. Note the root partition (e.g. /dev/sd0a or /dev/dsk/c0t3d0s0) 2. Hit STOP-A or L1-A (or, on an ASCII terminal or emulator, send a ) to halt the operating system, if it's running. 3. Boot single-user from CD-ROM (boot cdrom -s) or network install/jumpstart server (boot net -s) (NB: if it asks you for a prom password, see below.) 4. Mount the root partition (e.g. /dev/dsk/c0t3d0s0) on "/a". "/a" is an empty mount point that exists at this stage of the installation procedure. (mount /dev/dsk/c0t3d0s0 /a) 5. Set your terminal type so you can use a full-screen editor, e.g. vi. (you can skip this step if you know how to use "ex" or "vi" from open mode). If you're on a sun console, type "TERM=sun; export TERM"; if you're using an ascii terminal (or terminal emulator on a PC) for your console, set TERM to the terminal type (e.g. TERM=vt100; export TERM). 6. Edit the passwd file (/a/etc/passwd for SunOS 4.x, /a/etc/passwd.adjunct for SunOS 4.x with shadow passwords/C2 security), /a/etc/shadow for Solaris 2.x and remove the encrypted password entry for root 7. cd to /; Type "umount /a" 8. reboot as normal in single-user mode ("boot -s"). The root account will not have a password. Give it a new one using the passwd command. Thanks to Stefan Voss PROM passwords: Naturally, you may not want anyone with physical access to the machine to be able to do the above to erase the root password. Suns have a security password mechanism in the PROM which can be set (this is turned off by default). The man page for the eeprom command describes this feature. If security-mode is set to "command", the machine only be booted without the prom password from the default device (i.e. booting from CD-ROM or install server will require the prom password). Changing the root password in this case requires moving the default device (e.g. the boot disk) to a different SCSI target (or equivalent), and replacing it with a similarly bootable device for which the root password is known. If security-mode is set to full, the machine cannot be booted without the prom password, even from the default device; defeating this requires replacing the NVRAM on the motherboard. "Full" security has its drawbacks -- if, during normal operations, the machine is power-cycled (e.g. by a power outage) or halted (e.g. by STOP-A), it cannot reboot without the intervention of someone who knows the prom password. __________________________________________________ Do You Yahoo!? Check out Yahoo! Shopping and Yahoo! Auctions for all of your unique holiday gifts! Buy at http://shopping.yahoo.com or bid at http://auctions.yahoo.comReceived on Mon Dec 17 18:17:23 2001
This archive was generated by hypermail 2.1.8 : Wed Mar 23 2016 - 16:32:37 EDT