Ask Your Question

Root password doesn't work, I think i've been hacked. How can I check?

asked 2017-12-15 21:57:44 -0500

Is there a way to changer the root password using sudo or forcing a password reset? Also installed programs are missing (rkhunter) and the logfiles for security pgms (denyhosts, ssh) are gone, or do not allow access as user 'sg' (only user acct installed during setup)

Rebuild from scratch is not a bfd since it's a new install from a couple days ago - would just like to find out what happened before I wipe all the evidence. I've rescued the '/var/log/messages' file and about to parse it into a spreadsheet in Windoze to find out if any remote logins, etc

Thanks in advance

edit retag flag offensive close merge delete

1 Answer

Sort by ยป oldest newest most voted

answered 2017-12-16 01:37:56 -0500

If this is the password you've forgotten, then here's how to reset it:

Reboot the machine
After the power on self-test screen, press and hold the Shift key
When the Grub boot menu comes up, select to boot in Recovery Mode.
At the Recovery Mode menu, choose to drop to a root shell.
At the prompt, type:

passwd your-user-name

Obviously replace your-user-name with your Ubuntu username.

Choose a new password
Reboot the PC.
edit flag offensive delete link more


Ubuntu? if you intend to copy and paste an answer from some other source, please reference the original source, so that people know where to look. downvoted the answer for that reason.

SteveEbey73701 gravatar imageSteveEbey73701 ( 2017-12-16 08:17:19 -0500 )edit

Question Tools


Asked: 2017-12-15 21:57:44 -0500

Seen: 122 times

Last updated: Dec 15 '17