In this video, learn how to handle Linux distros with no root password, including Ubuntu.
- [Instructor] By default, Ubuntu doesn't set a password on the root account. If you were to manually install Ubuntu, it'll ask you to create an account to use for administration purposes. It won't let you set a root password. This is fine because root logins are disabled by default in Ubuntu. But when you boot into single user mode, you will get a root prompt, even if you've configured the system to prompt for a root password. There is no password, so it can't ask for one. To make this work, you must set a root password. Here's an Ubuntu system, and I'm going to boot it into single user mode.
Here we are at a root prompt, and we weren't prompted for a password. I'm gonna show you that the sulogin process was actually executed versus the sushell. The sulogin is the one that should prompt you for a password. So we'll just look at our current PID, which is $$. It's PID 583. We'll look at that. PID, whoops, 583, and its parent PID is 581, so we'll look at its parent PID of 581.
And you can see that sulogin was indeed executed, and that spawned our bash shell. I can also show you that sulogin is configured for system D as well, so we'll just get into the lib/systemd/system directory here, and then we'll grep sulogin for emergency.target. Whoops, I'm sorry, emergency.service, and then we'll grep that for rescue.service as well.
So you can see that system D is configured to execute sulogin, but again, it didn't prompt us for a password. So the root password is not set on this system. I can show you that by doing a head -1 on etc/shadow, and you can see that where the encrypted password would be, there's an exclamation mark there. So I'll go ahead and set the root password using the passwd command. All right, there's the root password. It's been set. So now that a password is set, when we boot into single user mode, it will prompt us for that password.
Let's do this real quick. I'll just go ahead and reboot it. And we're going to boot into single user mode. And now that we're using sulogin, and a password is set for the root account, we're being prompted for that password. If I didn't touch on the specific distro you're using, just look for all instances of sushell in the boot-up process for your distro and replace them with the sulogin.
If you think about this conceptually, you know that the boot loader starts the kernel, and the kernel then starts some other process. Typically, that process is init or an init replacement. Just think about how the boot process works, and it will lead you to where you need to make any changes.
- What makes Linux secure?
- Physical security concepts
- Encrypting new and existing devices
- Account and network security
- Linux firewall fundamentals
- File system security
- File and directory permissions
- ACLs and rootkits