Raspbian : I've lost my password !



Background

Yeah, I know, I should have written it down in a safe place, in a vault or so. But it happened. I've lost access to my Raspberry taking care of my hotspot and sending my various API calls to my Yamaha Amplifier. This is an issue since I need to adjust some settings !

Problem meets Solution !

You can always be brutal and reinstall everything, but I'm not that fool. There are 2 obvious ways to recover a lost password on Raspbian. Actually, those ways are the same on any Linux platform : start in single user mode or edit the /etc/shadow file with a well known encryption pattern.

I was too lazy to find a screen and a keyboard, so I decided to go for option 2.

Encryption on Linux systems is using non reversible format. It means, you cannot decrypt the password. Only a brute force mechanism against a dictionary of words is possible. It works, but could takes years ! So, Instead of that, I'm using it the other way around : I'm using a known password, ask the system to encrypt it, and directly save the encrypted version of it.

1) Shutdown the Pi and remove the SD card.

2) I've created a new user with "raspberry" as password on another Linux system and I have secured the encrypted string from the shadow file :

$6$Ohe8K0iM$7QCLVmBCfLjexYCIQWeOTawYqfC6onxzTOdk2M5uq0vNgIqHZ/lbfjhMtpz7DxaYEWTlqq1Id4enyjNjASZ6G1

Note : if you do the same on your side, you may have a different string. Indeed, the same string could give two different encryption string. Mostly because the system is using a salt where the date and time are used. Do not worry, either generate a key on your side, or use the one above. More info on how password are encrypted on Unix/Linux systems here.

3) Mount the SD card on a Linux system (or any system able to read/write EXT3/4 partitions and edit the /etc/shadow file.

$ sudo su -
# cd /run/media/flhoest/rootfs/ 
# vi etc/shadow

4) Change the encrypted password of the line starting with "pi" - pay attention to the semi columns, there are user IDs and we don't want to affect that. So, respect the syntax and only change what's between the first 2 semi columns.

[...]
pi:$6$Ohe8K0iM$7QCLVmBCfLjexYCIQWeOTawYqfC6onxzTOdk2M5uq0vNgIqHZ/lbfjhMtpz7DxaYEWTlqq1Id4enyjNjASZ6G1:19006:7:90:7:::
[...]

5) Save the changes (:x) and unmount the SD card

[root@localhost ~]# umount /run/media/flhoest/boot 
[root@localhost ~]# umount /run/media/flhoest/rootfs

6) replace the SD card in the Raspberry Pi and start it up

7) after few min, this is time to confirm if it worked by attempting an ssh connection (you may check your router to get the IP if you are using DHCP).

# ssh pi@192.168.1.5 
The authenticity of host '192.168.1.5 (192.168.1.5)' can't be established. ECDSA key fingerprint is SHA256:kmQqfewccDb6P452xqlEW+MmQtcSRiPyDyJ+uUM1H/0. Are you sure you want to continue connecting (yes/no/[fingerprint])? yes 
Warning: Permanently added '192.168.1.5' (ECDSA) to the list of known hosts. 

pi@192.168.1.5's password: 

Linux hotspot 4.19.66-v7+ #1253 SMP Thu Aug 15 11:49:46 BST 2019 armv7l 
The programs included with the Debian GNU/Linux system are free software; the exact distribution terms for each program are described in the individual files in /usr/share/doc/*/copyright. Debian GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent permitted by applicable law. 

Last login: Thu Jun 10 19:42:34 2021 from 192.168.1.6 
SSH is enabled and the default password for the 'pi' user has not been changed. 
This is a security risk - please login as the 'pi' user and type 'passwd' to set a new password. pi@hotspot:~ $
pi@hotspot:~ $ passwd pi

And hell yes ! it works perfectly. I haven't lost anything, apart from an amazing uptime ...

Do not forget to change the password afterward.

I hope this helps ;)


Comments

What's hot ?

Wallbox : Get The Most Of It (with API)

Mac OS X : Display images in-line with terminal

ShredOS : HDD degaussing with style