0

Our lead tech (unprofessionally) left our project, we can't contact him, but I, as a semi-technical project manager have access to our server on Joyent. Our new dev needs to take a look at our running instance to complete the project.

Is it possible to retrieve the root passphrase?

If I create new private ssh keys, should we be able to gain access to the server?

Worse case scenario, how can I back up the data if I can't access via ssh?

Trying to clean up this mess to hand over the right credentials to the professionals as soon as possible. Any help would be GREATLY appreciated. Thank you.

ruckadub
  • 1

1 Answers1

3

Are you able to ssh to the server? Are you able to sudo to the root user? What can you run via sudo?

Backing up the data will be easy if you can run sudo /bin/bash, for example, then use rsync to take a copy. Even better would be to take file system dumps using dump or zfs send for example. You can take block level backups using dd.

If you have physical access to the server, be it a recovery mode via Joyent, or being able to boot install media, then you can edit the /etc/shadow file. This is by far the simplest thing to do if possible. Once you edit /etc/shadow copy the crypt string from a user you know over the root user crypt string. For example:

root:$6$YPBAiH9m$Kf9euZx0JLKo6M51SIk1lQ1tjUajETECta/eB8dLTWEfPF1NncM7ebQrnPu7ExwqnZ130VcWyvRI21d8GlmyY/:16392:0:99999:7:::
ed:$6$zg0pHyXY$y6EriYDZCh4zrz1kztlxG2Fpf.8pmh9ON0fkoaSlW2jBJXfizrlBwGV4CFntwWsE55FKvuNlCS5UCpC1f2sio1:16392:0:99999:7:::

So, I know the password for ed, I'm just going to make root's look the same:

root:$6$zg0pHyXY$y6EriYDZCh4zrz1kztlxG2Fpf.8pmh9ON0fkoaSlW2jBJXfizrlBwGV4CFntwWsE55FKvuNlCS5UCpC1f2sio1:16392:0:99999:7:::
ed:$6$zg0pHyXY$y6EriYDZCh4zrz1kztlxG2Fpf.8pmh9ON0fkoaSlW2jBJXfizrlBwGV4CFntwWsE55FKvuNlCS5UCpC1f2sio1:16392:0:99999:7:::

See, so in effect, this is the easiest thing you can do, as you'll be setting the root password the same as a user that you know the password of.

Ed Neville
  • 193