Resetting Root Authorization in Linux and Prevention

The root authentications can be reset to NULL value from the following method.

Do not use this information for committing cyber crimes.

AT Grub Loader.

highlight the desired kernel which you want to boot ‘fedora core fc9′

press ‘e’ to edit the run levels and other options

then the second menu arrives as ..
(hd0,1)
rhgb quiethighlight the part with quiet and then again press ‘e’

now you will get a prompt to edit the command …
add 1 as
rhgb quiet 1
space is must…
then press enter
and then press ‘b’ to boot
you will be booted and awarded with a root console….
root@machine#
root@machine#passwd
change the password of root>
Enter New password>
Retype password>
all pasword tokens authenticated….

root@machine#reboot

Explaination:

By editing the grub we edit the kelrnel line from where the OS will get booted. in doing so FC or any other distro it boots the Os kernel with the runlevel one.
In doing so it repairs the the filesystem and reinstalls the users and makes the default value of each password to NULL.
this can be prevented by editing the runlevel from restting the passwd. just add a # to the line of passwd in /boot/boot.conf under the heading of runlevel one.

then you may add the numbers such a 1, 2, 3 to have different run levels.

2 will open in text mode.
suppose you have various kernels on your system then /etc/grub.conf will show

title Fedora Core (2.6.12-1.1398_FC4)
root (hd0,0)
kernel /vmlinuz-2.6.12-1.1398_FC8 ro root=LABEL=/1 rhgb quiet
initrd /initrd-2.6.12-1.1398_FC8.img
title Fedora Core (2.6.12-1.1390_FC8)
root (hd0,0)
kernel /vmlinuz-2.6.12-1.1390_FC8 ro root=LABEL=/1 rhgb quiet
initrd /initrd-2.6.12-1.1390_FC8.img
title Fedora Core (2.6.12-1.1387_FC8)
root (hd0,0)
kernel /vmlinuz-2.6.12-1.1387_FC4 ro root=LABEL=/1 rhgb quiet
initrd /initrd-2.6.12-1.1387_FC4.img
title Fedora Core (2.6.11-1.1369_FC8)
root (hd0,0)

you may chnge the preference and remove the hash from password protected grub and edit the password value.

Prevention:

The above method for resetting the password value can be prevented by using a password protection over grub.

This can be done via terminal,

login as Super user by su -

and then type grub-md5-crypt

you will then be prompted to type password, retype when asked. Then copy the MD5 hash which is generated for the grub.

now open /etc/grub.conf

Locate hiddenmenu

now below this write : password –md5

Now whenever you enter the grub screen it will not edit the kernel line, unless you provide the correct password.

You can also prevent the boot of certain kernel by changing the place from below of “hiddenmenu” to above of the desired kernel.

Hope you enjoyed the post.