Posted on: August 22nd, 2011 by Famous Phil

Anymore, it seems like posting here is a seldom activity because I don’t often deal with server administration issues any longer (although I am working on changing that ).  Today, I was asked to reset the password on a Mac Server because the user didn’t remember the password.  Personally, I don’t know how a server oriented password can be lost, but whatever, I guess I’ve seen it all now

Mac, like Linux and its BSD roots, has a flaw when you have physical access to the machine.  Basically, passwords are stored as password hashes in a simple file on the server.  To change the password of any user account, you basically have to gain write access to the said password (or shadow) file and change the hash to something that matches the new desired password.  Typically, this is very easy to do for any kind of Linux or BSD operating system.  For all of you Windows fans, Windows stores the passwords encrypted in SAM files (if I recall correctly), and there are also password reset disks available that you boot from and overwrite the administrator account password with your own password.  Once again, resetting a password is very easy to do to gain access to a machine provided you have physical access.  One tiny exception to this rule on every platform, if the encryption feature is enabled on a user account (provided it exists), the files that were encrypted will never be readable again if you change the password using this method.

Since this is resetting the password of a Mac, I’m only going to cover the Mac OS.  Mac, like Linux and BSD, has something called single user mode which is basically a recovery environment built into the operating system.  When something doesn’t work properly, this environment typically boots and gives the local user (on the console) a command prompt that is running as the root user (or superuser).  Typically in single user mode, the local hard disk is read only, but because you are root, you can simply change that to write mode.  Afterwards, its a matter of changing the password.  If you aren’t a single user mode fan, Mac even puts a reset password link in the utilities menu of their installation disk that does the work manually.

So, using the single user mode shell, here is the procedure to resetting the password of your mac:

1. Shut down the computer
2. While holding the command (apple) key and S simultaneously, power the computer on
3. The command line will come up shortly
4. Type in “/sbin/mount -wu /” without the quotes, this enables writing to the root operating system directory
5. type in “passwd <user>”, where <user> is the username whose password needs to be reset
6. type in “reboot”
7. Login as the user that you reset the password for, using the new password you set.

Tags: Mac, password, reset, root, single user mode
Posted in Hosting / Server Administration, Technology
|| 2 Comments »

Posted on: March 11th, 2010 by Famous Phil

For all of you who have no clue what single user mode is, it is a recovery environment for Linux based servers.  Single user mode allows for the system administrator account (root) to login via the local server (the console) to fix problems that prevent the server from coming up normally.

Single user mode can be triggered by a lot of factors, but there are two huge factors that can cause this.  One is when the system’s drive information file (fstab) becomes inconsistent with the server’s configuration.  The other time when a system will boot into this mode is when a file system is found to have errors on it.  Linux automatically checks its file system occasionally on boot, which is why single user mode may occur without much notice (that is if the check can’t quickly fix the problem on its own).

Single user mode presents only the root file system (/) to the root user after login and this file system has only read access.  This is to allow for file system checking since this mode is used commonly for running file system checks and repairs.  If your file system becomes corrupt, the last thing you want is for your computer to write to the file system and lead to further corruption.  The admin must mount the file system as read write in order to modify anything on the drive.

I’ve been in single user mode twice now for neglecting to verify all the information in the fstab file.  My first time in single user mode was not fun and I ended up using a Ubuntu live cd to fix the problem since I didn’t have enough patience to look up the command.  After my first time, I looked up the command in case I ever needed to enter single user mode again.  This effort paid off since I knew that I would be rebooting one of the servers a little earlier that had significant edits to the fstab file.  Although I was certain I didn’t make any mistakes, I didn’t check for duplicate entries.  This caused the server to boot into single user mode.  My job was to simply remove the duplicated line and reboot the server.  Since I can never remember the command, I decided to write this blog.  Remember this is a Centos 5.4 server running CPanel.

The command is: mount -n -o remount /

That command will mount the root file system (/) as a writable file system, thus allowing for a text editor such as vi to write edits back to the file system.  I simply used vi to remove the duplicated line in the /etc/fstab file and rebooted and the server is back up.  Hopefully I won’t see another time of single user mode, but as an admin, I’ve grown to expect stuff like this.  I thought I would share the command so I don’t ever get lost again trying to find it

Tags: mount, single user mode, write
Posted in Hosting / Server Administration
|| 1 Comment »