I have a linux pc on which several users are configured to login. for the same PC i have the root access (username and password). I have lost one of the user accounts password. How to get back the password for that particular user account. I have tried the following being a root user
passwd <login name> Enter new password confirm new password But its not fruitful could you please suggest some ways of recoverng the password.
Also,I got to know that passwords are stored in /etc/shadow file in encrypted form. Does anyone know how to get the decrypted form of encrypted password.
33 Answers
The whole point of storing hashed passwords in /etc/shadow is so that it is not possible to retrieve the plaintext password, so there is no way to determine what the current password is. Your only option is to reset the password using passwd <username> as root.
If you wish to try to brute force it, the hashes are stored in /etc/shadow. They are salted, so a rainbow table attack will likely not work. You can try John the Ripper to brute force it, but unless the word is a dictionary word or otherwise very weak, I do not think you will have much luck.
You must enter the command
passwd $user where $user is replaced with the account username that has lost the password.
If you're just entering passwd naked, with no arguments, then passwd assumes that you're wanting to change the password of the currently logged in user.
Also, make sure you're using su root to start a root shell, running sudo, or such.