Deleted /etc/passwd file while accessing to our test server via putty | Unix Linux Forums | UNIX for Dummies Questions & Answers

  Go Back    


UNIX for Dummies Questions & Answers If you're not sure where to post a UNIX or Linux question, post it here. All UNIX and Linux newbies welcome !!

Deleted /etc/passwd file while accessing to our test server via putty

UNIX for Dummies Questions & Answers


Closed Thread    
 
Thread Tools Search this Thread Display Modes
    #1  
Old 06-22-2013
rahul547 rahul547 is offline
Registered User
 
Join Date: Jun 2013
Last Activity: 27 June 2013, 2:37 AM EDT
Posts: 4
Thanks: 0
Thanked 0 Times in 0 Posts
Deleted /etc/passwd file while accessing to our test server via putty

Hi

I was accessing our linux test server via putty and By mistake i deleted /etc/passwd file.....

It is allowing me to login..... So could anyone please help me out in this issue....

Please, it is urgent
Sponsored Links
    #2  
Old 06-22-2013
Corona688 Corona688 is offline Forum Staff  
Mead Rotor
 
Join Date: Aug 2005
Last Activity: 17 December 2014, 4:46 PM EST
Location: Saskatchewan
Posts: 20,015
Thanks: 855
Thanked 3,448 Times in 3,221 Posts
Restore from backup, or copy over from a machine with an identical account layout.
Sponsored Links
    #3  
Old 06-22-2013
gacanepa gacanepa is offline
Registered User
 
Join Date: Jun 2013
Last Activity: 9 October 2014, 9:12 AM EDT
Location: Villa Mercedes, San Luis, Argentina
Posts: 170
Thanks: 21
Thanked 25 Times in 21 Posts
Quote:
Originally Posted by rahul547 View Post
Hi

I was accessing our linux test server via putty and By mistake i deleted /etc/passwd file.....

It is allowing me to login..... So could anyone please help me out in this issue....

Please, it is urgent
It is allowing you to login or NOT allowing you to login? - I assume it is NOT allowing you to login.
Here's what I would do. Login to another computer (preferably same Linux distro/version) and copy
the line of that system's /etc/passwd file where it specifies the password for root. In my system it is:

Code:
root:x:0:0:root:/root:/bin/bash

Then paste it into your test server's /etc/passwd file.
Same thing with /etc/shadow:

Code:
root:$longjumbleofstuff:15797:0:99999:7:::

Moderator's Comments:
Posting lines from your /etc/shadow exposes your password to cracking, they should be posted obscured.

Of course, you will have to do this with a LiveCD. Knoppix is an excellent choice if you ask me.
Please note that unless you have really messed things up, the /etc/shadow file must exist in your test server. You will have to edit it with root's encrypted password that you have copied from the other working computer.
You can also take a look at the following pages:
linux admin: Recovery of deleted /etc/passwd File in Linux
Recover deleted /etc/passwd File In RHEL | For Some Cool Tips By VINY
Hacking Root Password In Linux | For Some Cool Tips By VINY
Good luck!
Let us know how everything goes .

Last edited by Corona688; 06-22-2013 at 03:10 PM..
    #4  
Old 06-23-2013
RudiC RudiC is offline Forum Advisor  
Registered User
 
Join Date: Jul 2012
Last Activity: 18 December 2014, 6:53 AM EST
Location: Aachen, Germany
Posts: 4,873
Thanks: 80
Thanked 1,220 Times in 1,146 Posts
Unless you can restore that file from a backup, your accident won't go unnoticed. You can start off with the usernames from /etc/shadow and rebuild /etc/passwd, but e.g. non-standard login shells and user homes will be lost. You might be lucky in that passwords are stored in /etc/shadow.
Sponsored Links
    #5  
Old 06-23-2013
gacanepa gacanepa is offline
Registered User
 
Join Date: Jun 2013
Last Activity: 9 October 2014, 9:12 AM EDT
Location: Villa Mercedes, San Luis, Argentina
Posts: 170
Thanks: 21
Thanked 25 Times in 21 Posts
Moderator's Comments:
Posting lines from your /etc/shadow exposes your password to cracking, they should be posted obscured.

Thanks! I actually thought about that and changed several characters in the password field. But now that you mentioned it, how do I post something 'obscured'?
Sponsored Links
    #6  
Old 06-23-2013
RudiC RudiC is offline Forum Advisor  
Registered User
 
Join Date: Jul 2012
Last Activity: 18 December 2014, 6:53 AM EST
Location: Aachen, Germany
Posts: 4,873
Thanks: 80
Thanked 1,220 Times in 1,146 Posts
e.g. by replacing the encrypted password by the string "obscured" (or "xxxxxxx" or...).
Sponsored Links
    #7  
Old 06-24-2013
Corona688 Corona688 is offline Forum Staff  
Mead Rotor
 
Join Date: Aug 2005
Last Activity: 17 December 2014, 4:46 PM EST
Location: Saskatchewan
Posts: 20,015
Thanks: 855
Thanked 3,448 Times in 3,221 Posts
Quote:
Originally Posted by gacanepa View Post
Thanks! I actually thought about that and changed several characters in the password field.
Ah, good. I couldn't have known that unfortunately
Sponsored Links
Closed Thread

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

More UNIX and Linux Forum Topics You Might Find Helpful
Thread Thread Starter Forum Replies Last Post
Passwd,shadow files deleted and abort sequence disabled satish51392111 Solaris 9 05-22-2012 11:05 AM
-805 error in AIX UNIX accessing TEST DB from PROD satishstar2 AIX 1 06-09-2009 03:18 PM
how to get passwd command again if it is deleted by usin rm command venkata.ganesh Linux 5 02-13-2009 11:56 AM
/etc/passwd file been deleted gera_sachin125 Solaris 5 02-11-2008 01:36 PM
Deleted /etc/passwd cyno UNIX for Dummies Questions & Answers 5 08-11-2002 04:00 PM



All times are GMT -4. The time now is 08:26 AM.