1

I am working on an ubuntu 12.04 server and i was not provided a sudo password. Now i need to recover it. I found out that we need to reboot into recovery mode to do so but we don't know how to get into recovery mode through ssh.

Any idea of how is this possible or any other ideas for recovering the sudo password? I have root access through ssh.

Update:

I've tried to do this:

su -

But without success:

su: Authentication failure
Zoredache
  • 128,755
  • 40
  • 271
  • 413
Toon
  • 111
  • 2
  • 4
    `I have root access through ssh.` - So what is it you need again? If you actually have root access, then you have all you need. Remember the sudo password, is the password for the user issuing the sudo command. Just run `passwd username` to set the password for your users. – Zoredache Oct 01 '14 at 17:51
  • `passwd username` returns `Authentication token manipulation error` – Toon Oct 01 '14 at 17:55
  • 2
    It seems likely that you have done something with an external authentication source, and broken it. Do you have ldap authentication setup or anything? Or maybe you have broken PAM in some obscure and unusual way. – Zoredache Oct 01 '14 at 17:56
  • No other errors beside that one? – miniBill Oct 01 '14 at 17:58
  • See if `sudo -i` works. – transistor1 Oct 01 '14 at 18:09
  • `sudo` is not the `su -` that you've demonstrated in your example. If you're already root the net effect is the same, but you have different components in between to troubleshoot. – Aaron Copley Oct 01 '14 at 18:11
  • `sudo -i` asks for `[sudo] password` and thats exactly what im trying to reset\recover. I did nothing with settings or files because i'm a total noob in Ubuntu servers. Just trying to get lost sudo password. – Toon Oct 01 '14 at 18:22
  • Btw i was told that root user name is "shell". When i'm trying to connect as `ssh root@server` it returns `Permission denied (publickey).` – Toon Oct 01 '14 at 18:24
  • Did you try `ssh shell@server`? – transistor1 Oct 01 '14 at 18:26
  • @transistor1 yup, i'm doing everything via `ssh shell@server` – Toon Oct 01 '14 at 18:33
  • @miniBill nope^ no other errors – Toon Oct 01 '14 at 18:34
  • So if that is really the root account then you should not need a password. What shows up when you type `groups shell`? Maybe its in the root group? – transistor1 Oct 01 '14 at 18:35
  • @transistor1 got this `shell : shell sudo mosmaket` mosmaket is another user. – Toon Oct 01 '14 at 18:40
  • So this account doesnt have direct root access. Do you know the password for the shell account (it's clear you're sshing in through private key)? If so, try using that password for `sudo`. – transistor1 Oct 01 '14 at 18:44
  • @transistor1 can't do that. I thought shell is root, so shell's sudo password is what i'm trying to restore. – Toon Oct 01 '14 at 18:45
  • What happens if you just type `passwd` with no parameters? Does it ask for the old password? – transistor1 Oct 01 '14 at 18:47
  • @transistor1 `Changing password for shell.` and next line `(current) UNIX password:` If i try to enter any password -- `passwd: Authentication token manipulation error passwd: password unchanged` – Toon Oct 01 '14 at 18:56
  • That basically means that you need to know the old password in order to change it to a new one. I get the same error on my system when I try to change the password, but type in the wrong _old_ password. I thought that maybe the account had no password set up and that you were expected to change it first. Unfortunately, it sounds like if no one knows the root password, you are going to need physical access to this box, or another user who has root privileges who is able to `sudo passwd shell` for you... – transistor1 Oct 01 '14 at 19:07
  • One last thought. Does anything come up if you were to type `find / -type f -executable -group sudo 2> /dev/null`? This might take a while to run. This will find any executable files that belong to the `sudo` group. Maybe there is some other executable program you are expected to use on this system. – transistor1 Oct 01 '14 at 19:17

2 Answers2

1

You cannot change your password due to the filesystem being mounted in read-only mode when booted into Ubuntu's recovery system.

See this AskUbuntu answer for more detail, but you will need to run the following command to re-mount the filesystem as read/write:

mount -rw -o remount /

After remounting, the output of the mount command should look similar to this for the root filesystem:

/dev/sda1 on / type ext4 (rw,errors=remount-ro)

As an aside, running su - as root will not give you any higher access - root is the highest possible on a Linux system.

Community
  • 1
Craig Watson
  • 9,370
  • 3
  • 30
  • 46
0

Do you have sudo access from your user account? SSH to the box, login and type

sudo -i

If you can get in, you are now there as root using your credentials. You can then change the password. Give that a try?

Chris Satola
  • 332
  • 2
  • 6