In this post I will discuss about, how a person still can log into Single User mode even if you have secure the single user mode.We can still login into system even if you are getting password prompt in single user mode / runlevel 1.The practical has been done in CentOS 6.x and Red Hat 6.x.
In some articles you may have read about securing root access in single user mode.In which System Admin do editing in /etc/sysconfig/init file and write SINGLE=/sbin/sulogin whereas it disable sushell by giving comment on the line #SINGLE=/sbin/sushell .After this when we restart the system,we also see in Single User Mode it is asking Root password and believe that Single User mode is safe.( See the given below screenshot)

runlevel 1

NOTE: Red Hat do not recommend this. As per Red Hat recommendation we can secure root access by putting grub password.

Follow the steps to know,how you can still access in single usermode with root password even SINGLE=/sbin/sulogin has been implemented.

Requirement: No CD/DVD/USB or extra media required
Condition: GRUB password should not be set

Step 1: Restart the system and go to single user mode or runlevel.Read my previous post about how to reset root password in runlevel 1 .
Follow our previous post and reach up to Step 4

See below screen shot,when system reach to this screen.With the arrow key,select the line starting with kernel /vmlinuz-.Now press “e” from your keyboard to edit.

runlevel1

Step 2: Now we will add the command in line as given below after typing press ENTER.See the screenshot (only type given below command after giving a space)

init=/bin/bash

runlevel 1 root passwd

Step 3: After pressing ENTER key,you will be back to previous screen. Now press the key “b” to boot the system

System will be booted and directly login with user root in runlevel 1,without giving any password. But the system will not allow you to edit any file because it is in read only mode.

Now terminal now run the command


mount -o remount,rw /

See the below given screenshot for reference

runlevel 1 root password

Step 4: Now reset the root password and give new password

passwd root

Step 5: This step is optional. If you want to remove the Password prompt in runlevel 1/Single User mode. Edit 2 lines in the /etc/sysconfig/init file as given below.

vi /etc/sysconfig/init

Locate the line having parameter as SINGLE=/sbin/sulogin. Comment this line like this #SINGLE=/sbin/sulogin . (to comment use # sign in starting of the line, see given below screenshot)

And uncomment the line, SINGLE=/sbin/sushell (Remove # sign in starting of the line,to uncomment )

runlevel 1 root password

Save and exit the file. (In vi editor for save and exit, use keys, ESC : wq! and hit enter)

Step 6: Now reboot the system by using Magic Sysreq. If you are trying to reboot the system by init,shutdown or reboot command.The system will not reboot,it will show error or might be hanged)

echo b > /proc/sysrq-trigger

The system will be rebooted.

Step 7: Now check the new root password in runlevel 1. If you have followed Step 5 then also check the password prompt in Runlevel 1.Because we edited the /etc/sysconfig/init file,it will not ask for password prompt in runlevel 1

Articles

What is Runlevel in Linux
How to create own Git Server with Gitolite and Gitweb in Ubuntu
Essential Linux Commands Every Beginner Should Know | With Examples
create and delete user in Red Hat and CentOS
How to install nginx webserver from source on CentOS and RHEL
How to install own git server with ssh and http access by using gitolite and gitweb in CentOS
Find installed and enabled apache module in Debian/Ubuntu
Set GRUB password after installation of CentOS/Red Hat
Install latest wordpress in CentOS 6
How to configure vsftpd server with virtual user mysql authentication in CentOS 6
How to install apache webserver in CentOS and Red Hat
Install and configure rsyslog Centralized logging server in CentOS 6.5
Recover Linux Grub Password in linux rescue mode CentOS/Red Hat
How to configure multiple mysql instance in Ubuntu
Setup Master Slave Chroot BIND DNS in CentOS 6 or Red Hat 6

Sharad Chhetri is an experienced Linux, DevOps, Cloud Engineer & Freelancer. Working on various technologies since RHEL 4 era. He loves sharing the knowledge which he has earned from his experience.
You can contact him on email for freelance projects at admin@sharadchhetri.com.

Read Some More Articles

SELINUX : squid service failed to start/restart
| |

SELINUX : squid service failed to start/restart

BySharad Chhetri

After installing the Squid Version 3.5.0 in CentOS 6.5. I got the issue,squid service failed to start/restart. Generally, after installing the package with by-default configuration,we can start/stop/restart the service without any problem.This time squid gave me trouble here. I checked the /var/log/messages and there was no sufficient logs giving any hint. In other words,I have…

manage jenkins plugin through command line and GUI
| |

Managing Jenkins plugins : command and GUI

BySharad Chhetri

Introduction Jenkins Plugins play very important role for adding and enhancing the features in Jenkins. Managing Jenkins Plugin is also crucial. In simple term, manage Jenkins plugin carefully and in return you will get awesome functions and features. In this post, we will learn managing Jenkins plugin from command line and GUI. Because Jenkins is…

How to start / stop / restart / reload iptables on CentOS 7 / RHEL 7

How to start / stop / restart / reload iptables on CentOS 7 / RHEL 7

BySharad Chhetri

On the journey of exploring the newly releaed CentOS 7 . I found another interesting thing. This is related to iptables. In previous CentOS versions, we used to stop iptables service by using the command service iptables stop or /etc/init.d/iptables stop On newly shined CentOS 7 / Red Hat 7 , with systemctl command we…

Setup MySQL master slave replication in CentOS 6
|

Setup MySQL master slave replication in CentOS 6

BySharad Chhetri

In this tutorial we will learn about how to setup MySQL Master Slave replication in CentOS 6.4.In Master-Slave replication one database server (Master) can replicate the databases to one or more MySQL database Server(slave). The Slave server is not required to be connected always with Master Server, once slave server is up and when you…

df command
|

6 df Command Examples To Check Mounted Filesystem On Linux

BySharad Chhetri

In this tutorial we will learn about, how to use df command to check the mounted filesystem on linux. As a Linux System administrator, this command is basic and very important.The df command shows the usage of mounted filesystem.It is notable that the filesystems which are not mounted on system,we can not get its information…

NOTICE: nagios.cmd file not found. Please specify the location of this file in your /etc/vshell.conf file
|

NOTICE: nagios.cmd file not found. Please specify the location of this file in your /etc/vshell.conf file

BySharad Chhetri

NOTICE: nagios.cmd file not found. Please specify the location of this file in your /etc/vshell.conf file This is continue of my last post on how to change nagios frontend with vshell Nagios version : 3.x While configuring the vshell it might be possible you can get this warning message.The warning message occur when you run…

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.