Linux Password Recovery
Links cisco/PasswordRecovery
- Questions
- When a user forgets a password, how do you reset it ?
- How do you make it harder for a attacker to reset your password ?
- How does home dir encryption factor into the recovery of a user password ?
- Reset password
- Hold Shift during boot to start GRUB menu.
- Highlight your image and press E to edit.
- Find the line starting with "linux" and append rw init=/bin/bash at the end of that line.
- Press Ctrl + X / F10 to boot.
Type in # passwd username and set the password.
- Home drive encryption recovery
- After resetting the user password, it can't unwrap the encryption key to mount the home drive.
- Use the encryption key that you saved safely when you created the system, if you don't have it the homedrive is lost, just delete the user and re-create.
- boot ubuntu, up to login screen
switch to terminal <ctl><alt><f1>, and login with the user, and new password
printf "%s\n%s" "<LongSavedDiskEncryptionKey>" "<NewUserPassword>" | sudo ecryptfs-wrap-passphrase /home/${user}/.ecryptfs/wrapped-passphrase -
now <alt><f7> back to gui login, and if everything should work.
- After resetting the user password, it can't unwrap the encryption key to mount the home drive.
...