Mac OS X Tip - No Password, No Root, No CD? No Problem.
by , 11:00 AM EDT, June 16th, 2003
Say you've lost your account password, you don't have a system CD on hand, and you didn't enable root. Say you have no other way to log into that machine. Say you need access to the files on that machine right now.
Say you're in deep you-know-what, bucko.
Fortunately, there's a five minute fix -- all it takes is a little digging into the command line, and you're on your way. We got this hint from a technician who found himself in the deep end while trying to recover data from a PowerBook on extremely short notice.
My problem was this: I had no MacOS X CD, no user password, and root wasn't enabled.
What I had was this: A MacOS X Laptop that automatically logged in as an administrative user, but prompted me to enter a password whenever I attempted to perform an administrative task. A password I didn't have.
I needed to either reset the password on the logged in account, or enable root access and authenticate as that user. The solution:
- Reboot the machine into single user mode (CMD+S on boot)
- Mount the root file system as read/write (mount -uw /)
- Edit the SUDOERS file (visudo)
- Change all occurences of "(ALL) ALL" to "NOPASSWD: ALL" (Note: You'll need to know your way around the text editor vi -- check out the vi tutorial in MacOS X Command Line 101 for more. -TMO)
- Save the SUDOERS file and reboot (ESC-w, ESC-q, 'reboot')
- Open a terminal and execute the command 'sudo passwd root'
Voila! I was able to change the root password without being prompted for any other password. This done, I could authenticate as root and do anything I wanted on the box.
Here's the kicker -- this guy is a Windows technician. Who'd have thunk it?
So there's one method, but we discovered this only works if you have an account that automatically logs itself in when you boot the Mac. We're not all so lucky. What to do? We'll one-up this method with a way that works for any user account.
There you have it -- two really quick ways to get back into your machine when you're in a pinch. Now don't forget it this time!
Mac OS X is a very solid OS with a security record that Microserfs dream about in their fitful and guilt-ridden nights. It's nigh on impossible (at least right now) for someone to gain control of your system remotely, but if they have access to the box itself (or the notebook), and they are determined to do so, they can get your files. Heck, even starting up a Mac in FireWire Target Mode is going to let someone have your system, and if they have a Mac OS X CD, they can just reset the password through the utility included on that CD. So, if you want your system to be secure, mind who has access to it.