In this post I will discuss about, how a person still can log into Single User mode even if you have secure the single user mode.We can still login into system even if you are getting password prompt in single user mode / runlevel 1.The practical has been done in CentOS 6.x and Red Hat 6.x.
In some articles you may have read about securing root access in single user mode.In which System Admin do editing in /etc/sysconfig/init
file and write SINGLE=/sbin/sulogin
whereas it disable sushell by giving comment on the line #SINGLE=/sbin/sushell
.After this when we restart the system,we also see in Single User Mode it is asking Root password and believe that Single User mode is safe.( See the given below screenshot)
NOTE: Red Hat do not recommend this. As per Red Hat recommendation we can secure root access by putting grub password.
Follow the steps to know,how you can still access in single usermode with root password even SINGLE=/sbin/sulogin
has been implemented.
Requirement: No CD/DVD/USB or extra media required
Condition: GRUB password should not be set
Step 1: Restart the system and go to single user mode or runlevel.Read my previous post about how to reset root password in runlevel 1 .
Follow our previous post and reach up to Step 4
See below screen shot,when system reach to this screen.With the arrow key,select the line starting with kernel /vmlinuz-
Step 2: Now we will add the command in line as given below after typing press ENTER.See the screenshot (only type given below command after giving a space)
init=/bin/bash
Step 3: After pressing ENTER key,you will be back to previous screen. Now press the key “b” to boot the system
System will be booted and directly login with user root in runlevel 1,without giving any password. But the system will not allow you to edit any file because it is in read only mode.
Now terminal now run the command
mount -o remount,rw /
See the below given screenshot for reference
Step 4: Now reset the root password and give new password
passwd root
Step 5: This step is optional. If you want to remove the Password prompt in runlevel 1/Single User mode. Edit 2 lines in the /etc/sysconfig/init file as given below.
vi /etc/sysconfig/init
Locate the line having parameter as SINGLE=/sbin/sulogin. Comment this line like this #SINGLE=/sbin/sulogin . (to comment use # sign in starting of the line, see given below screenshot)
And uncomment the line, SINGLE=/sbin/sushell (Remove # sign in starting of the line,to uncomment )
Save and exit the file. (In vi editor for save and exit, use keys, ESC : wq! and hit enter)
Step 6: Now reboot the system by using Magic Sysreq. If you are trying to reboot the system by init,shutdown or reboot command.The system will not reboot,it will show error or might be hanged)
echo b > /proc/sysrq-trigger
The system will be rebooted.
Step 7: Now check the new root password in runlevel 1. If you have followed Step 5 then also check the password prompt in Runlevel 1.Because we edited the /etc/sysconfig/init file,it will not ask for password prompt in runlevel 1