This post describes the recovery of a broken virtual machine within ESXi 5.1 (update 1). The VM was damaged in several ways: the vmxf file was missing, and so was one of the vmdk files. The system was down and not bootable due to the missing files. In addition, the root password had been lost and needed recovery. The same procedure, or parts of it, should work for other ESXi VMs. The broken VM was running Red Hat, but that barely impacts the procedure, apart from the password recovery bit. Continue reading
Tag Archives: shadow
How to Rename the Default Raspberry Pi User
NOTE: The article below applies only to Raspian distributions published before April 2022. At that point, the default “pi” user was dropped, for sound security reasons. Subsequent releases include an alternative, and more secure, process for creating a user of your choice (detailed at the above link).
The rest of this article remains online for historical reasons only, and should no longer be used. (author, 6/7/24).
Historical Article
The Raspberry Pi comes with a default user called “pi”, whose initial password is also set to a well known default. While this makes it easy to use the system, it is not very secure. Anyone with physical access to your Pi could login with these widely known credentials. Furthermore, if you have enabled the SSH server, users on the local network could do the same.
Even if you have changed the “pi” user password, just having a user name that is universally known is still a security risk. The following article explains how to safely rename the “pi” user to something more secure. This article was last updated on 31st May 2020 and tested with Raspbian (Raspios) Buster release 27/5/2020. Continue reading
How to disable LDAP Authentication in Linux
After a customer had performed some bad edits on various LDAP configuration files, users were locked out and unable to access the system. Root could still login however.
I logged in as root, and rather than mess with various config files, eg under /etc/pam.d, ran this command to disable LDAP authentication and enable “normal” authentication using /etc/shadow: Continue reading
Root Password Recovery on a Sparc LDOM
If the root password for a Unix system is lost or forgotten, it can be very difficult to regain root access and perform further administration work. Often it will be impossible. You could be lucky – there might be a user account with sudo access, or even a root shell still open on the system somewhere, for example on the system console. If the system is x86, you might be able to boot it from a live CD and restore root access by doctoring the root disk. Otherwise, with most systems (physical and virtual), it will often be a case of rebuilding the system from scratch.
Solaris is a bit different. It has long been possible with Solaris to regain root access by booting the physical system from a Solaris installation CD, mounting the original root disk and removing the root password string from the relevant file, usually /etc/shadow. The same technique works, surprisingly, with SPARC virtual systems, aka LDOMs. Proceed as follows. Continue reading