there is no way to "recover" the password, but there are ways to set the password back to default which will allow you to access again. Defaulting the password requires you to touch files which are usually not supposed to be touched manually, so while it is technically possible it is definitely not recommended, as a wrong command or a typo can have bad consequences.
For MWG the process is described in KB70100. You need to go to support.mcafee.com and use the "Knowledge Center" link. You need to be logged in, the KB article is NOT accessible for unregistered users, since it contains details which we don't want to share publically. It explains how to reset the password with MWG which includes
- Stop MWG
- Find the current storage
- Manipulate the storage
- Re-Create the security hash of the storage manually
- Start MWG
For SSH you need physical access to the machine, it is not possible to recover the password remotely. You need to reboot the machine in single user mode which directly drops you to a shell. Then you can re-mount the harddrive writable and use "passwd" to change the password for any user. Those instructions are valid for every linux system, but needless to say that fiddling around on the file system in single user mode might cause problems in case you do something wrong.
Better: Use a password you can remember or note it down on a safe place!
Thanks for helping me so much!!!!!
I have seen the KB70100 & would try all these on my non-critical box.....
But i would like you to explain me the SSH process in detail format as i had checked there is no KB for that......
Let me know how to go into the single user mode & remount the hard drive writable??????
There wont b any problem for me to test that...
in theory it should work like this:
- Get physical access (monitor + keyboard, VMware console, etc)
- Reboot (CTRL+ALT+DEL)
- On the red "GNU GRUB" screen which shows available kernels (right before the OS loads) hit "e" on the keyboard
- The screen will slightly change, showing the boot options to you. An entry like "kernel /boot/..." should be highlighted. Hit "e" on the keyboard again
- Now the screen turns black... hit space and add init=/bin/bash to whatever the line looks like. Hit Enter.
- Hit "b" to boot with the modified settings
- You end up at a shell
- Mount the / partiton writable: mount -o remount,rw /
- Change the password by using passwd root
- Hit CTRL+ALT+DEL
The system reboots now.
These are generic instructions which work for almost all linux systems. As mentioned earlier it is not advisable... you mount the partition holding the system manually and you drop into a shell that has all privileges the system offers. A single typo can cause major trouble and leave the appliance in an unrecoverable condition. These instructions are not supported - e.g. support won't be able to assist in case you lose any data or kill the file system!
I strongly recommend to not forget the root password. You may be able to add a public key for SSH and keep the private key at a safe place to use it as an "emergency login" in case the root password gets lost. Much better than fiddling around on the OS.
Ya,take your point,,,,,there is no need to fiddle around on the OS...but could u elaborate the adding of public key for SSH
for SSH it is possible to login with the root password or have a public/private key pair which can be used to authenticate someone, e.g. you place the public key to /root/.ssh/authorized_keys and add the private key to PuTTy (or whatever SSH client you use). When you login with the private key correctly setup you will be able to access without a password, since the keys identify you.
Using SSH with keys along with password authentication or instead of password authentication is identical for every linux/SSH enabled server, so any documentation on the internet explaining how to set it up is fine, such as https://help.ubuntu.com/community/SSH/OpenSSH/Keys
In the end you have to generate a key pair, add the public key to /root/.ssh/authorized_keys and store the private key to your computer. You could either create an individual key for every administrator with their own passwords, so everyone in your group will have root access with his personal password. No one actually needs to know the root password and everyone can restore it... plus you can revoke access for someone by deleting his key. Alternatively you can continue using password authentication but add (at least) one public key as a "backup" and store the private key somewhere in a safe place. You could even create a private key without a password, so you will be able to login with only the private key (no password required) to change the root password... such an "emergency" key should be placed at a really secure location such as a password safe or put it on a USB stick and put that in a vault you may have for backups.