I forgot my Solaris password. How do I wipe out, bypass or disable the root password in Solaris?

A: There are several situations in which you might need to bypass or temporarily disable the root password on a Solaris machine. For example, you may have pulled an old Sun machine out of the closet, or someone may have asked you to fix their Sun machine. Whatever the reason, if you do not know the root password to your Solaris box, this solution will show you how to both bypass and temporarily disable it.

NOTE: This solution requires you to have:

  • a Solaris software CD
  • physical access to the machine (i.e. you must be with the machine, not remotely administering it)

SUMMARY:

  1. With the machine at the OK prompt, put in a Solaris software CD and boot from CD-ROM into Single User Mode.
  2. Mount the root slice of the boot drive to the /a mount point on the CD-ROM.
  3. If needed, set your terminal so that vi will display properly.
  4. Edit the /a/etc/shadow file, commenting out the existing “root” line and creating a new one with no password set.
  5. Halt the OS; when the machine goes to the OK prompt, boot from the hard drive.

DETAILED:

1) With the machine at the OK prompt, put in a Solaris software CD and boot from CD-ROM into Single User Mode.

Bring the machine to the OK prompt, put the Solaris CD into the CD or DVD drive and type:

	ok boot cdrom -s

The CD light will start to blink and eventually the machine will boot into Single User Mode off the CD-ROM.

2) Mount the root slice of the boot drive to the /a mount point on the CD-ROM.

	# mount /dev/dsk/c0t0d0s0 /a

3) If needed, set your terminal so that vi will display properly.

Read here to determine if you need to do this step and what to do.

4) Edit the /a/etc/shadow file, commenting out the existing “root” line and creating a new one with no password set.

	# cd /a/etc
	# vi shadow

The file should look similar to the following:

	root:WSr6XJiU3sNuo:13390::::::
	daemon:NP:6445::::::
	bin:NP:6445::::::
	sys:NP:6445::::::
	adm:NP:6445::::::
	lp:NP:6445::::::
	uucp:NP:6445::::::
	uucp:NP:6445::::::
	listen:*LK*:::::::
	nobody:NP:6445::::::
	noaccess:NP:6445::::::
	nobody4:NP:6445::::::
	ftp:*LK*:::::::
	~
	~
	~
	~
	~
	~

	"shadow" [Read only] 13 lines, 263 characters

Take note of the first line – the one starting with “root”.

Note how after the word “root” there is a colon (:) and a long string of numbers mixed with upper and lower case letters. This is the current password, but in its encrypted (hashed) form, not the password itself. In other words, copying it down onto a piece of paper and trying to use it to log in as root would be useless. So we’re going to do the next best thing: disable the current password and create a temporary line in the /etc/shadow file that sets a “blank” password for root. This part of the tutorial assumes that you know how to use the vi editor.

What you need to do is to duplicate the “root” line that I mentioned before so there are two copies of the line. Using your vi editing skills, copy the “root” line, then paste it 1 line down. The first few lines of the file should now look like this:

	root:WSr6XJiU3sNuo:13390::::::
	root:WSr6XJiU3sNuo:13390::::::
	daemon:NP:6445::::::
	bin:NP:6445::::::

Again, using your vi skills, insert a hash mark (as it’s called in UNIX-land) before the word “root” in the first line. Then go down to the second line and delete everything between (but not including) the first and the second colons. After doing this, the lines should now look like the following:

	#root:WSr6XJiU3sNuo:13390::::::
	root::13390::::::
	daemon:NP:6445::::::
	bin:NP:6445::::::

What we’ve just done is the following:

  • The hash mark (#) has commented out the entire first line so that the computer does not “see” it when reading the file. This “disables” the original password.
  • In the second line, by removing the text between the first and the second colons, we have removed the password.

NOTE: It is critical that when you make the changes to the file, you do not add or delete extra colons. Each colon denotes the start of a new column of information, and adding or deleting colons will create problems when the OS goes to read the shadow file.

Since the first line (the one with the password still there) is “disabled” or “invisible” to the computer, the second line becomes the line that the computer reads when determining the root password. But because we’ve just removed the password from that line, the password is now “blank”.
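
Before halting, the edited file can be checked mechanically for the colon problem described in the NOTE above. This is an added example, not part of the original article: the function name check_shadow, the AWK variable and the temp-file path are assumptions, and it needs a POSIX awk (on Solaris, nawk or /usr/xpg4/bin/awk).

```shell
#!/bin/sh
# Added example (not from the original page): sanity-check a hand-edited
# shadow file before halting. Assumes a POSIX awk; override with AWK=nawk.
AWK=${AWK:-awk}

# check_shadow FILE
#   BADFIELDS  entry does not have exactly 9 colon-separated fields
#   DUPLICATE  a second live entry for the same login name
#   EMPTYPW    password field (field 2) is empty: login needs no password
# Returns non-zero if the file has BADFIELDS or DUPLICATE entries.
check_shadow() {
    "$AWK" -F: '
        /^#/ || /^$/ { next }   # skip the commented-out line and blank lines
        NF != 9 {
            printf "BADFIELDS line %d: %s has %d fields, expected 9\n", NR, $1, NF
            bad++; next
        }
        seen[$1]++ { printf "DUPLICATE line %d: %s\n", NR, $1; bad++ }
        $2 == ""   { printf "EMPTYPW line %d: %s\n", NR, $1 }
        END { exit (bad > 0) }
    ' "$1"
}

# Demo on the first lines of the file as the page shows them after step 4
# (the path is a constructed temp file standing in for /a/etc/shadow).
sample=${TMPDIR:-/tmp}/shadow.sample.$$
cat > "$sample" <<'EOF'
#root:WSr6XJiU3sNuo:13390::::::
root::13390::::::
daemon:NP:6445::::::
bin:NP:6445::::::
EOF
check_shadow "$sample"
rm -f "$sample"
```

On the mounted disk, run check_shadow /a/etc/shadow; after step 4 the only EMPTYPW entry should be root, and once you have logged in and set a new root password with passwd it should report none.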

5) Halt the OS; when the machine goes to the OK prompt, boot from the hard drive and, when prompted, test the login.

	# halt

The machine will start the shutdown procedure and will eventually come to the OK prompt. Type:

	ok boot

This will boot the machine from the hard disk. If you’ve done everything correctly, when prompted, you should be able to log in as root without having to put in a password.

PS: If you need an Ugly Duckling Sun System to practice on, don’t forget AnySystem.com is your premier source for new and refurbished Sun hardware, support, consulting and maintenance.
