Activities

January 2013
M T W T F S S
« Dec   Mar »
 123456
78910111213
14151617181920
21222324252627
28293031  

1and1.com : How do I reset ssh root password.

Recently I’d to take over one of client managed server and setup some routine backup mechanism and server security system as per the requirements. Unfortunately that customer does not have any idea about the server side and hosting part. And so no idea about ssh root password. He provided Plesk admin access and I try to see all the way to reset root password.

What I’m thinking that 1and1.com does not provide anything you as free. So your root password request will be denied.

1ad1.com WILL NOT RESET THE ROOT PASSWORD.

Finally talk to 1and1.com support and they provide a mechanism to reset the root password. I believe KVM is an easy way to do this.

Here is 1and1.com solution.

a. They will boot the hardware on another boot medium ( Debian boot image) through 1and1 UI.
b. Mount the “/” partition under “/mnt”
c. Identify the other mountpoints by looking the “/etc/fstab” and mount it under “/mnt/location.
d. Chroot the “/mnt” location.
e. Reset the root password.
f. create another normal user if the root ssh login is disabled.
g. Shutdown the rescue OS

. Reboot the hardware in Normal from 1and1 web UI.

Boot the hardware from Rescue OS

We need to login to 1and1 control panel and choose recovery tool. You will see some options as shown below in that coming screen. Put tick on reboot and choose the option “Linux 64 bit Rescue system” choose either of 32 or 64 bit platform.

Click ok for next step.

That’s done

Now you can access the rescue system using the same IP with new root password in 5 minutes.

once login to the server, you'll see the screen like this,
Linux rescue 3.0.52 #1 SMP Mon Nov 19 09:03:22 UTC 2012 x86_64
*********************************************************
            1&1 Rescue System
       Boot Time Wed Jan  9 06:39:50 UTC 2013
 
Kernel:                  Linux rescue 3.0.52
Architecture:            64bit
CPU model:               Dual-Core AMD Opteron(tm) Processor 1216 HE
Number of Cores:         2
RAM:                     2048 MB
 
SW-Raid raid status:     md1 : active raid1 sda1[0] sdb1[1]
md3 : active raid1 sda3[1] sdb3[0]
 
More information with: more /root/help/readme_en.txt
                       more /root/help/readme_de.txt
*********************************************************
rescue:~#

now we need to identify the disk and volume attached to the server. Pls note that my server is using RAID-1 ( Mirroring). So it has two disks.

rescue:~# fdisk -l
Disk /dev/sda: 250.1 GB, 250059350016 bytes
255 heads, 63 sectors/track, 30401 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disk identifier: 0xec28529f
    Device Boot      Start         End      Blocks   Id  System
/dev/sda1               1         487     3911796   fd  Linux raid autodetect
/dev/sda2             488         731     1959930   82  Linux swap / Solaris
/dev/sda3             732       30401   238324275   fd  Linux raid autodetect
Disk /dev/sdb: 250.1 GB, 250059350016 bytes
255 heads, 63 sectors/track, 30401 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disk identifier: 0xda094501
   Device Boot      Start         End      Blocks   Id  System
/dev/sdb1               1         487     3911796   fd  Linux raid autodetect
/dev/sdb2             488         731     1959930   82  Linux swap / Solaris
/dev/sdb3             732       30401   238324275   fd  Linux raid autodetect
Disk /dev/md3: 244.0 GB, 244043939840 bytes
2 heads, 4 sectors/track, 59581040 cylinders
Units = cylinders of 8 * 512 = 4096 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disk identifier: 0x00000000
Disk /dev/md3 doesn't contain a valid partition table
Disk /dev/md1: 4005 MB, 4005560320 bytes
2 heads, 4 sectors/track, 977920 cylinders
Units = cylinders of 8 * 512 = 4096 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disk identifier: 0x00000000
 Disk /dev/md1 doesn't contain a valid partition table
 Disk /dev/dm-0: 4294 MB, 4294967296 bytes
255 heads, 63 sectors/track, 522 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disk identifier: 0x00000000
Disk /dev/dm-0 doesn't contain a valid partition table
Disk /dev/dm-1: 235.5 GB, 235451449344 bytes
255 heads, 63 sectors/track, 28625 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disk identifier: 0x00000000
Disk /dev/dm-1 doesn't contain a valid partition table
Disk /dev/dm-2: 4294 MB, 4294967296 bytes
255 heads, 63 sectors/track, 522 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disk identifier: 0x00000000
Disk /dev/dm-2 doesn't contain a valid partition table

Now we need to identify the disk having the root volume. I identified that /dev/md1 is the root volume disk. So I need it mount to “/mnt”. Then we need to identify the othe mount points. Pls note I’m going to mount all the volume/disk under “/mnt” since “/mnt” is representing root device. So I uses /etc/fstab to identify the existing mount points. Then mount it to under “/mnt”

rescue:~# mount /dev/md1 /mnt
rescue:~#  cat /mnt/etc/fstab
/dev/md1        /               ext3    defaults        1 1
/dev/sda2       none            swap    sw
/dev/sdb2       none            swap    sw
/dev/vg00/usr   /usr            xfs     defaults        0 2
/dev/vg00/var   /var            xfs     defaults,usrquota       0 2
/dev/vg00/home  /home           xfs     defaults,usrquota       0 2
devpts          /dev/pts        devpts  gid=5,mode=620  0 0
none            /proc           proc    defaults        0 0
none            /tmp    tmpfs   defaults        0 0
rescue:~# mount /dev/vg00/usr /mnt/usr/
rescue:~# mount /dev/vg00/var /mnt/var/
rescue:~# mount /dev/vg00/home /mnt/home

Chrooting the “/MNT” to make it root disk and reset the root password.

rescue:~# chroot /mnt
rescue:/# passwd
Changing password for user root.
New UNIX password:
Retype new UNIX password:
passwd: all authentication tokens updated successfully.
rescue:/#

Interestingly you may need to create a normal user account as plesk disables or server hardening used to disable root logins. Here i created a user account.

rescue:/mnt# useradd liju
rescue:/mnt# passwd liju
Changing password for user liju.
New UNIX password:
BAD PASSWORD: it is based on a dictionary word
Retype new UNIX password:
passwd: all authentication tokens updated successfully.
rescue:/mnt#

Ensuring root login is enabled ?

I see the 1and1.com disabled root login and I saw the “PermittRootLogin=yes” was commented in config and make it active.

rescue:/mnt# vi /etc/ssh/sshd_config
rescue:/mnt# useradd liju
rescue:/mnt# passwd liju
Changing password for user liju.
New UNIX password:
BAD PASSWORD: it is based on a dictionary word
Retype new UNIX password:
passwd: all authentication tokens updated successfully.
rescue:/mnt#

Unmount the mountpoints and shutdown the server.

rescue:~# umount -al
rescue:/mnt# shutdown -r now

Login back to 1&1 control panel and boot the server in normal mode from recovery tool. See the screen shown below,

This time server will be rebooted with original disk and hardware. Now you can login to the server using new root password. If you see access denied you may login using the normal user account and switch the root user after the user login.

Happy administration 🙂

Leave a Reply

You can use these HTML tags

<a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>