Can't set a new password for 'root'

lordeagle · 11-11-2020, 02:34 PM

I'm just trying to protect the 'root' account on my Jailbroken PW3 (serial method).

I can connect via usbnet/ssh. And the 'root' user can be logged in without any password.
However, now where the device is jailbroken I'd like to protect what's mine and tried to set a password for 'root'. Which is not working and I can't figure out why.

I enter the following command on a shell (which I thinked worked on other devices):

Code:

mntroot rw
passwd
# enter my new pass
mntroot ro

However, this change has no effect. And also a reboot does not bring any help. What am I missing?

Any ideas or thinks I can check?

j.p.s · 11-11-2020, 04:20 PM

set up ssh shared keys (and passphrase protect them).

Isn't password login disabled for root in the main partition?

NiLuJe · 11-11-2020, 04:39 PM

It is, the root account is locked.

lordeagle · 11-12-2020, 01:14 PM

Quote:

Originally Posted by NiLuJe

It is, the root account is locked.

It is locked? But I am able to login without any password. Isn't that the point of the first steps of a JB ... to get root access?

Or how is the user locked? Obviously something with the passwd procedure is dubious ... but I don't see what exactly. I see that /etc/shadow is updated after executing 'passwd' on a RW mounted partition.

Furthermore I know that I have a PW3 (5.9.6) which has a password protected root account (with a password that I gave). Back there I could use the convenient software JB. This time I followed the serial JB as I am on (5.12.5) with the new device.

So I'd assume that it has anything to do with the JB procedure? Does the JB process apply any special hacks to keep the 'root' acc protected which I could disable temporary to enforce my pass?

NiLuJe · 11-12-2020, 02:46 PM

USBNetwork uses a patched dropear/telnet that (optionally, but enabled by default) bypass authentication.

This is *specifically* engineered so that you *don't* have to set a root password manually.
If you want "security", as was mentioned earlier, switch to shared key authentication, disable telnet, and switch to OpenSSH, which doesn't feature this hack.

lordeagle · 11-13-2020, 07:21 AM

Quote:

Originally Posted by NiLuJe

If you want "security", as was mentioned earlier, switch to shared key authentication, disable telnet, and switch to OpenSSH, which doesn't feature this hack.

Thanks a lot @NiLuJe, switching to OpenSSH indeed fixed my issues. Now I have a secure access

11-11-2020, 02:34 PM	#1
lordeagle Enthusiast Posts: 49 Karma: 17448 Join Date: Jun 2020 Device: Kobo Elipsa2E & Libra H20, Kindle PW3 & PW2	Can't set a new password for 'root' I'm just trying to protect the 'root' account on my Jailbroken PW3 (serial method). I can connect via usbnet/ssh. And the 'root' user can be logged in without any password. However, now where the device is jailbroken I'd like to protect what's mine and tried to set a password for 'root'. Which is not working and I can't figure out why. I enter the following command on a shell (which I thinked worked on other devices): Code: mntroot rw passwd # enter my new pass mntroot ro However, this change has no effect. And also a reboot does not bring any help. What am I missing? Any ideas or thinks I can check?

Similar Threads
Thread	Thread Starter	Forum	Replies	Last Post
root password doesn't work	hemna	Kindle Developer's Corner	3	09-12-2013 02:06 PM
4.1 Root Password	Villordsutch	Kindle Developer's Corner	13	08-31-2012 09:42 AM
Issues changing root password	tstngry	Amazon Kindle	0	04-26-2012 11:39 PM
password req to root the edge	littleal	enTourage eDGe	3	06-27-2011 01:34 AM
iLiad Thoughts on 2.5 and root password	TadW	iRex Developer's Corner	16	07-26-2006 03:37 AM

11-11-2020, 04:20 PM	#2
j.p.s Grand Sorcerer Posts: 5,786 Karma: 103362673 Join Date: Apr 2011 Device: pb360	set up ssh shared keys (and passphrase protect them). Isn't password login disabled for root in the main partition?

11-11-2020, 04:39 PM	#3
NiLuJe BLAM! Posts: 13,506 Karma: 26047202 Join Date: Jun 2010 Location: Paris, France Device: Kindle 2i, 3g, 4, 5w, PW, PW2, PW5; Kobo H2O, Forma, Elipsa, Sage, C2E	It is, the root account is locked.

11-12-2020, 02:46 PM	#5
NiLuJe BLAM! Posts: 13,506 Karma: 26047202 Join Date: Jun 2010 Location: Paris, France Device: Kindle 2i, 3g, 4, 5w, PW, PW2, PW5; Kobo H2O, Forma, Elipsa, Sage, C2E	USBNetwork uses a patched dropear/telnet that (optionally, but enabled by default) bypass authentication. This is specifically engineered so that you don't have to set a root password manually. If you want "security", as was mentioned earlier, switch to shared key authentication, disable telnet, and switch to OpenSSH, which doesn't feature this hack.

Advert

Advert