Matthai Posted July 14, 2017 Posted July 14, 2017 I have OrangePi Zero and have forgotten password. I have two users, root and ordinary user. Is it possible to change some file on SD card to reset password? Regards, M.
benalb Posted July 14, 2017 Posted July 14, 2017 The file is /etc/shadow, there will be lines like: user:asdfasdfasdf$$$$asdfasdfasdfsadfasdf::17178:0:98899:7::: anotheruser:asdfasdfasdf$$$$asdfasdfasdfsadfasdf::17178:0:98899:7::: systemd-timesync:*:17199:0:94499:7::: systemd-bus-proxy:*:17199:0:94449:7::: messagebus:*:17199:0:93459:7::: ntp:*:17199:0:23499:7::: (...) You must remove the second field as: user::17178:0:98899:7::: Then boot, press enter on prompt for password and once login in, change password with passwd. Make a copy in case things go south. 1
Matthai Posted July 14, 2017 Author Posted July 14, 2017 Yes, but I remove also root user? And then login with 1234? Because I changed password for root user and then forgot this password too.
StuxNet Posted July 14, 2017 Posted July 14, 2017 Uh... I'm pretty sure that was answered. Boot up a linux box. Like from another Orangepi, SBC or computer and mount the SD card. Find that /etc/shadow file. No password necessary from a 3rd party machine. Remove the second field mentioned related to the user. On my machine, there's a field for root and for stuxnet sudoer. So... You can always change root password from a sudoer profile afterwards. Give the recommendation a try before questioning the recommendation. I don't even think you would have to "Make a copy in case things go south." because if you can't login, things have already gone south. However, it's simply good practice to make a backup of the file and is forward thinking. So do so.
Matthai Posted July 15, 2017 Author Posted July 15, 2017 OK, my problem is, the machine is not easibly accessible anymore... so I asked a friend to go there, take SD card. He opened file /etc/shadow and removed line with user. User name was mitja. After that, he inserted SD card back, booted the machine and I tried to connect: ssh mitja@machine.ip After asked for password, I just pressed enter. And got "Permission denied, please try again." Any other idea for solution?
Matthai Posted July 16, 2017 Author Posted July 16, 2017 OK... however, that would be fun since OrangePi Zero does not have connector for monitor. I will try with keyboard only and guessing the correct output.
benalb Posted July 16, 2017 Posted July 16, 2017 Well, I forgot that detail. 0:) My opizero is connected and old TV with the expansion board. I suggest to log in blind, set a real simple password as 1234 and then log in via ssh and set a real password.
benalb Posted July 16, 2017 Posted July 16, 2017 And now I remember that you can connect via ttl serial with a pl2303 converter.
StuxNet Posted July 17, 2017 Posted July 17, 2017 Yea dudes. It's called a UART cable. Buy one, it's worth $20 and costs you $2.... http://www.taydaelectronics.com/bte13-007-cp2102-serial-converter-usb-2-0-to-ttl-uart-ftdi.html You should really buy two while you're at it. It's worth it. @Matthai It took 3 posts for you to volunteer that not only do you not have the root/any password but you also don't have physical access to the machine? I'm done giving suggestions, as all others should be as well. Any advice is (by admission) filtered through someone else, both ways and IMO unreliable and divergent. You want root access to an offsite computer that you don't know the password to? Psshhh! Tell that to every malicious hacker ever and the 100+ daily [banned] script kiddies attacking my FTP. Real talk. SSH isn't granting you all out permissions over everything prolly because you need to set something up physically first. Full blown root access over SSH without keys and authentication would just be stupid. Tell your offsite buddy to delete the lines (as done) then take an extra 2 seconds to setup the 'first' default password and try again. Especially after generating some SSH keys. Also, if you knew anything about Armbian you'd know that you can't 'just pressed enter' as the default, root password. Again, that wouldn't be wise. I'm 3 sentences past done. Stux out.
Matthai Posted August 3, 2017 Author Posted August 3, 2017 Thanks for your answers. In fact, I already have UART cable, and right now I managed to solve the problem. And maybe there was misunderstood. My problem with physical access was, that this device was about 50 km from my home. I thought my friend would be able to help me with my instructions on the phone, but at the end of the day, I need to go there by myself. Anyway, solved.
StuxNet Posted August 4, 2017 Posted August 4, 2017 7 hours ago, Matthai said: I thought my friend would be able to help me with my instructions on the phone, but at the end of the day, I need to go there by myself. Replace friend with customer and you've lived my life. Good to know you figured it out. Take care. 1
Recommended Posts