First, a very big thank you to everyone who responded. Here is a summary of the responses that I got and finally, what I did to recover access to my system.
The standard fix for a bad shell (or lost root password) is to reboot single-user from CD, mount the file system and repair /etc/passwd. However this would have been very inconvenient for me since the system was hosted in a remote location. So I was looking for a way to recover remotely.
1. The most-suggested fix was to ftp to the machine, retrieve and edit the password file, then upload it again. However as root, I was not allowed ftp access.
2. It was suggested that I log in as a normal user and su to root. Unfortunately this was a new system and no other user accounts had been set up yet.
3. Telnet access to the console. This was not available.
4. rsh, ssh, rlogin, exec, etc.. All require a valid shell (which I didn't have) in order to work.
5. Use scp as root to overwrite the /etc/passwd with a corrected one. This sounds good, but I found another fix before receiving this suggestion, so I didn't get to try it. I wonder if this would have bypassed the invalid shell that caused all other remote access methods to stumble.
6. A couple of people suggested (somewhat reluctantly) that I look for a security weakness to exploit. This in fact is what I ended up doing. Several security web sites discuss a buffer overflow in sadmind and provide an exploit. I compiled this on my Linux box, ran it against the locked box and regained root access. I repaired my /etc/passwd and now am able to access it normally.
Thanks again to everyone who responded. And apologies to all the experienced sysadmins out there shaking their heads in wonder at my ignorance. I'll try not to post here again for a long time! :)
"Be kind, for everyone you meet is fighting a great battle."
- Saint Philo of Alexandria
This archive was generated by hypermail 2.1.2 : Fri Sep 28 2001 - 23:14:08 CDT