Root password does not login? Cannot create in password in single user mode?

tentimesobelix

New Member


Messages: 2

Hi Forum,

When I boot up FreeBSD for the first time
(not completely the first time - as I've had earlier versions installed and had the same problem,
but didn't report it because I was trying to find a solution.) the root password or the user password
just says login incorrect. I am sure the passwords were correct 100%.
So eg.
Code:
Login: root
          Password: this-is-not-the-correct-password-it-has-Letters-Numbers-and-Symbols-in-it
Error: Login incorrect
So I boot into single user mode and I type:
mount -u -o rw /
then password root
try a few password combinations, get them right 100%, but it still comes up with Error: Password Mismatch, press EOF to quit.
then vipw
then get rid of the "c" in csh in the root area up the top. Probably cause I think its caused by the root shell not being sh.
This does not work. Is there something wrong with my hardware?
It doesn't like all that Advanced Configuration Power Interface stuff.
Errors with that could be related I suppose.
 

ShelLuser

Son of Beastie

Reaction score: 1,790
Messages: 3,600

Are you sure this happened on FreeBSD and not some kind of derivative? Reason I ask is because FreeBSD doesn't have a password command. That error message is also not something I'd associate with a vanilla FreeBSD environment.

Also: changing the shell from csh into sh won't help with this because password issues have nothing to do with the shell itself.

Anyway, this has nothing to do with with your hardware, it's more likely that this is a misconfigured setup.
 
OP
T

tentimesobelix

New Member


Messages: 2

The Error wasn't Password Mismatch, btw. I am sorry but I can't seem to get a screenshot of it. It began with
Code:
 (pw) error
Sorry it was passwd and not password like you said. No its not a derivative. And its the stable FreeBSD Release 11.2. But earlier versions didn't work either.
I tried ZFS or UFS automated in the setup. Never tried to manually partition my disk or from the shell. Configured ZFS stripe to use 1 Hard Disk. Accepted the 4K Cluster
size. Changed the Swap Size from 2G to 16G (twice my RAM). Didn't Encrypt disk or Swap. If I installed using UFS the next time round (because of the same passwd error), I accepted
the defaults.
I networked an ethernet cable with a 4G modem all setup. I set my hostname as snake.reptiles365.net.au (made up) and place that above the nameserver numbers. Maybe this is where It went
wrong. Networking never seems to get right for me after the installation. I am the system administrator so I have no one to ask but you ladies and gentlemen for help.

I also enabled the moused, the ntpd and the powerd (as its a laptop), went into security preferences and randomized new processes, disabled remote logging and disabled sendmail.
Do these options make it fail and should be left alone?
Also when adding a user account, I set the login class to staff (because I am an OpenBSD user and it increases performance if you tweak login.conf settings. But this shouldn't affect
the root account practically being disabled.
Anyway I probably should learn how to avoid the root account, create my LAN over Wifi (I mean connect all my computers together with Kerberos, OpenSSH and LDAP or something) and use
password-less logins. But in the mean time, do you know anything about my problems?
 

Tcll

New Member


Messages: 1

The Error wasn't Password Mismatch, btw. I am sorry but I can't seem to get a screenshot of it. It began with
Code:
 (pw) error
Sorry it was passwd and not password like you said. No its not a derivative. And its the stable FreeBSD Release 11.2. But earlier versions didn't work either.
figured I'd post here because I just recently switched to OpenBSD and am having the exact same issue
I can login to my user account, but not my root account which has a more secure password with symbols.

it would seem the symbols are the reason the installation goes through, but you can't login once booted.
hopefully this gets fixed because level-1 security (A-z + 0-9) can easily be brute forced depending on password length (less than 128 characters)

for more detail on what I mean by "level-1 security", here's the password security levels according to my password generator:
level-1: A-z + 0-9
level-2: level-1 + common symbols (' !#$%&()*+,-.:;<>?@[]^_{|}~')
level-3: UTF-8
level-4: UTF-16
(levels determined by password security (what characters are allowed) of various websites)


OT-fun: weird coincidence I'm having this issue on the exact same day 1 year later (literally created this account for that reason XD)
note: I've been planning to get involved for some time, just that me having this issue this day made me create it sooner (I just had to)
 

SirDice

Administrator
Staff member
Administrator
Moderator

Reaction score: 8,793
Messages: 33,081

figured I'd post here because I just recently switched to OpenBSD and am having the exact same issue
I can login to my user account, but not my root account which has a more secure password with symbols.
As somebody that came from OpenBSD you should be familiar with the fact that root is not allowed to login remotely.

it would seem the symbols are the reason the installation goes through, but you can't login once booted.
A trap I fell for more than once, take your keyboard layout into account. Certain symbols move around when a different keyboard layout is used. For example the @ and " are sometimes swapped depending on the layout. If your password has any of those you may be blindly typing the wrong character (and therefor the wrong password) because the keyboard is set to a different layout.
 

SirDice

Administrator
Staff member
Administrator
Moderator

Reaction score: 8,793
Messages: 33,081

The easiest way to test if the layout is wrong or not is to enter some of those special characters at the login prompt. You'll quickly see if the keyboard layout is correct or not.
 

Trihexagonal

Daemon

Reaction score: 1,124
Messages: 1,805

I can login to my user account, but not my root account which has a more secure password with symbols.
What am I missing here? That's not the error I get when entering the wrong password to become root from my user account:

Code:
$ uname -a
FreeBSD unmei 11.2-RELEASE-p14 FreeBSD 11.2-RELEASE-p14 #0: Mon Aug 19 22:38:50 UTC 2019     root@amd64-builder.daemonology.net:/usr/obj/usr/src/sys/GENERIC  amd64
$ su
Password:
su: Sorry
$
I never log in directly as root and always su from my user account. I know special characters are allowed in both the user and root passwords because I use some you listed.
 

userxbw

Well-Known Member

Reaction score: 31
Messages: 424

I do not know much, but could one not use a usb stick with bsd on it, boot that, you got a terminal , then mount and chroot the system then use that super user to add, or change the passwd?

change paswd
 

richardtoohey2

Member

Reaction score: 23
Messages: 82

I use OpenBSD and FreeBSD on a daily basis and not encountered anything like this. I'd recommend trying a FreeBSD on another machine and just take the defaults while you are experimenting. Keep everything very simple and use the defaults.

The only login/user issue I get sometimes is this one:


Just mentioning it because it does start with "pw" as per your description but otherwise think it is unlikely to be the issue.

As userxbw says - you can boot off a Live CD or USB and then change the root password. (Something like this article: https://www.cyberciti.biz/tips/howto-freebsd-reset-recover-root-password.html) Maybe change it to something simple to start with and make sure it all works. Then try longer/more complicated passwords and see if you can find the underlying issue(s).
 

SirDice

Administrator
Staff member
Administrator
Moderator

Reaction score: 8,793
Messages: 33,081

I do not know much, but could one not use a usb stick with bsd on it, boot that, you got a terminal , then mount and chroot the system then use that super user to add, or change the passwd?
No need for all that, you can simply boot to single user mode, mount the filesystems read/write and change root's password.
 

userxbw

Well-Known Member

Reaction score: 31
Messages: 424

w/o root privileges? Interesting... 🧔
Well I did say, "I do not know much," o_O
 

ljboiler

Well-Known Member

Reaction score: 129
Messages: 401

Why do you think it's called "single user mode"? There is only a single user allowed on the system, no login required, and that user is root.
 

userxbw

Well-Known Member

Reaction score: 31
Messages: 424

Why do you think it's called "single user mode"? There is only a single user allowed on the system, no login required, and that user is root.
shows you how much I know about that one...

(perfect example of what happens when ones 🧠 is in passive mode).

thanks for stepping in and giving the logical line of thought to clarify that.
 

SirDice

Administrator
Staff member
Administrator
Moderator

Reaction score: 8,793
Messages: 33,081

You can force root to login for single user mode. You'll need to edit /etc/ttys and change the console line from secure to insecure. But keep in mind this is rather superficial and can easily be circumvented. If an attacker has physical access to your server, all bets are off any way. To protect against that you'll need to resort to things like full disk encryption.
 
Top