One of the legacy systems I inherited at my job was a standalone Red Hat Enterprise Linux 4.0 server with no documented credentials or purpose… at least, none that I could find, or that anyone in the business could recall. It’s difficult to decide if a server is still necessary when there’s no information! L33T hacking skills to the rescue!

1. Reboot the server. We need to edit the startup configuration in order to reset the ROOT password.
2. As the server begins to boot again, the GRUB screen will appear for a few seconds. Press a key in order to interrupt the boot sequence.
   

   

3. If you interrupted the boot in time, you’ll be presented with a menu. Use the arrow keys to select the top option and press E.

   

4. Use the arrow keys to highlight the line starting with kernel and press E.

   

5. Add the word single to the end of the line you’re editing, and press ENTER to save the change. This instructs the boot process to load in single user mode:
   kernel /vmlinuz-2.6.9-55.ELsmp ro root=LABEL=/1 nousb single
6. Press b to continue the boot process.
7. Once the boot process is finished, you’ll be left at the prompt. Use the passwd command to reset the password for the current user (Root).
8. Issue the reboot command to restart the computer. It should boot normally, at which point you can use the new Root password to log in.

I logged in and found that this server seemed to only run a very old copy of sendmail (which no longer had a valid configuration), so I took the server offline for a scream test. In a few days, I’ll formally decommission it!