You might need to change the root password of your Ubuntu Machine, May be you forgot the password or you want to Log-in into your friend's system and you don't know the password.
Here is the trick to achieve this.
2. When GRUB menu appears choose the 'Recovery Mode' Option. (2nd option from top)
 |
| 2nd option from top. |
3. A black screen will be displayed with some code running on it. Wait for few seconds.
4. You will be presented with a list of options. Select "Drop to root shell prompt"
 |
| Select last option. |
5. You will be given the root access. [ This is not the security bug ]
6. Try running the command to change password.
$ passwd username // root in your case.
$ passwd root
7. System will prompt you for the new Unix password. Enter the new password. Confirm the password.
8. If everything goes fine, password will be changed. But there might be chances when you can get this error.
passwd: Authentication token manipulation error
passwd: password unchanged
You are getting this error because file system is mounted as read-only.
Luckily there is remedy for this also. (There is treatment for almost every disease in Linux)
Run this command -
$mount -rw -o remount / ( slash for root)
9. Try changing the password again. Password should be changed successfully.
Preventing Others from changing your password from recovery mode :
Although someone can change the password using recovery mode only when he have physical access to your system.
So now to prevent this from happening you can disable the recovery mode. How? follow the steps below.
1. Open file /etc/default/grub with root privilege.
$ sudo vi /etc/default/grub
2. Press 'I' to enter the edit mode.
3. Uncomment the below line.
GRUB_DISABLE_RECOVERY="true"
4. If no such line exists then add one.
5. Save the file by pressing esc then :wq then enter.
6. Run the below command.
$ sudo update-grub
Done !!
Stealing someones wifi password :
Although no one can change your password now using recovery mode option. But still there are chances if someone have access physically to your machine they can access your files. HOW?
Using a live CD or a bootable pen drive then can boot into your system and can access your all the files.
One such file which store your wifi password is stored in directory /etc/NetworkManager/system-connections/
Here are all the files, one for each wifi connection. And these files stores password in plain text i.e. without encryption.
Q. Why these files store password outside $HOME directory which is generally encrypted.
A. Because we generally check the checkbox "All users may connect to this network" when we create network connection.
So to prevent others from reading your password, go to Edit connections -> Network -> Edit -> Uncheck the box.
And yes Don't forget to encrypt your HOME directory next time you install the Ubuntu.
Happy Learning.
If you liked it, share it.
superb...!!!
ReplyDeleteThat was useful...I was looking for something like this only.
ReplyDeletenice article sir...
ReplyDelete