VMware ESX/ESXi忘记root密码的重设

HP-UX、Linux、Tru64 UNIX、NonStop、OpenVMS、Windows Server等,数据中心、虚拟化方案等

版主: xyevolve

版面规则
1. 本版是定位于惠普软件系统及解决方案的技术讨论区。
2. 本版鼓励发帖共同讨论技术问题,不鼓励站内信件私下交流,独知知不如众知知。
3. 本版允许转贴或引用他人的作品,但必须声明原作者信息。
4. 本版禁止发表出售、求购、或其他非技术讨论等帖子。
5. 本版禁止灌水,包括但不限于任何与所讨论主题无关的回复,无意义字符,直接复制其他回复等。
6. 本站附件禁止用于商业目的,请在下载后24小时内删除,本站不对其造成的结果负任何责任。
回复
头像
MUDBOY
创始人
帖子: 3882
注册时间: 2010年 12月 28日 21:17 星期二

VMware ESX/ESXi忘记root密码的重设

帖子 MUDBOY » 2012年 8月 18日 13:25 星期六

总的来说,ESXi除了重新安装别无他法,ESX的话可以通过single模式来重设。

引用VMware官方的方法如下,前提是对主机能够访问(物理访问,远程console等)

http://kb.vmware.com/kb/1317898

ESXi 3.5, ESXi 4.x, and ESXi 5.0

Reinstalling the ESXi host is the only supported way to reset a password on ESXi. Any other method may lead to a host failure or an unsupported configuration due to the complex nature of the ESXi architecture. ESXi does not have a service console and as such traditional Linux methods of resetting a password, such as single-user mode do not apply.

ESX 3.x and 4.x

Note: This section does not apply to ESXi. See the ESXi section of this article.

To change the password for the root user on an ESX 3.x or ESX 4.x host, you must reboot into single-user mode. To do this, follow these steps:

Reboot the ESX host.
When the GRUB screen appears, press the space bar to stop the server from automatically booting into VMware ESX.
Use the arrow keys to select Service Console only (troubleshooting mode).
Press the a key to modify the kernel arguments (boot options).
On the line presented, type a space followed by the word single.
Press Enter. The server continues to boot into single-user mode.
When presented with a bash prompt such as sh-2.05b#, type the command passwd and press Enter.
Follow the prompts to set a new root user password.
When the password is changed successfully, reboot the host using the command reboot and allow VMware ESX to boot normally.

ESX Server 2.x

Note: This section does not apply to ESXi. See the ESXi section of this article.

To change the password for the root user on an ESX 2.x host, you must reboot into single-user mode. To do this, follow these steps:

Reboot the ESX Host.
When the LILO screen appears, press the space bar to stop the server from automatically booting into VMware ESX.
At the LILO prompt select linux, adding the -s to the end of the line. For example: linux -s.
Press Enter. The system begins to boot. The server continues to boot into single-user mode.
When presented with a bash prompt such as sh-2.05b#, type the command passwd and press Enter.
Follow the prompts to set a new root user password.
When the password is changed successfully, reboot the host using the command reboot and allow VMware ESX to boot normally.

When the system is finished booting, you can log in as the root user using the new password.

头像
MUDBOY
创始人
帖子: 3882
注册时间: 2010年 12月 28日 21:17 星期二

Re: VMware ESX/ESXi忘记root密码的重设

帖子 MUDBOY » 2012年 8月 18日 14:49 星期六

ESXi版本忘记root密码后,除了重装,也不是没有办法的(不过是非官方的方法)

参考http://vm-help.com/esx/esx3i/Reset_root_password.php

大致思路就是用linux的启动工具盘如Linux Live CD,来加载修改ESXi的密码文件,因为ESXi并没有GRUB,而是使用的是VMware自己的bootloader。光盘启动后需要解包密码文件所在的包,修改后再封装回去。
As with any system there may arise a situation in which the root login has been misplaced or forgotten. The below process will show you how to reset the password for root back to a blank password. This is not supported by VMware and you might consider running a repair install of ESXi instead of this process. A repair install will overwrite the system partitions of an ESXi install but preserve any VMFS datastores. After a repair install one can add the existing VMs back to inventory by browsing the datastore, right clicking on VMX files and selecting Add to Inventory. Note that changing the password of root back to blank will prevent the mounting of any NFS datastores as these depend on the root login to authenticate with the NFS server.

This process does require some sort of physical access to the host as it will require booting it with an alternate OS. In the below example I used the Slax Linux Live CD. Please note that I tested this process on a test server with no VMs. It was basically a fresh install on which I changed the root password and created another login. I then used this process to reset the password of root and rebooted the host. After the reboot I could login with no password for root and the other account worked fine as well. While I think this is a relatively safe process, if I were doing this on a live system I would ensure that I had backups of the VMs and if possible a configuration backup for ESXi.

If you do want to want to retrieve the root or other password password, you can use the initial steps to retrieve a copy of the shadow file. Then use a tool like john the ripper (jtr) to crack the password. If a common word / pass phase was used for the password and you use a extensive password list with jtr then you may be able to retrieve the password in a fairly short time frame

1) The below image was taken from the console of the ESXi host and the output of cat /etc/shadow shows the encrypted password for the root login. You may wish to record the password hash should you wish to reverse this change.
password1.jpg
2) After the host was shut down, I booted up with the Linux live CD. I then ran the commands fdisk -l and ls -l /mnt/sda5/ / ls -l /mnt/sda6/ to determine the location of the most recent state.tgz file. Note that if you're using ESXi Embedded then you may only see local.tgz instead of state.tgz and you should then copy and recreate that file. In my below example, ESXi was a fresh install so /sda6 has no files but boot.cfg. When booting ESXi on this host, /sda5 would be mounted as /bootbank and /sda6 as /altbootbank.
password2.jpg
3) After determining where the most recent state.tgz file was located, this was copied to /tmp. gzip and tar were then used to extract local.tgz from state.tgz. If you're using ESXi Embedded then you will copy local.tgz to tmp and run gzip and tar on that file. Once local.tar was extracted the cd etc command was run followed by vi shadow.
password3.jpg
4) The below two images show the shadow file before and after editing. Essentially you'll want to have the root entry as root::13358:0:99999:7::: . Once you have removed the password hash, press ESC and to save the change type in :wq and press Enter. You can run cat shadow to confirm that the change was saved successfully.
password4.jpg
password5.jpg
5) Once the shadow file has been updated, you'll use cd .. to go back to /tmp and then run tar -czvf local.tgz etc to create the local.tgz file. If you're using ESXi Embedded then you'll copy this file to the drive where it came from in step 3. Otherwise you'll run tar -czvf state.tgz local.tgz to create state.tgz which should then be copied to the correct location. In the below image you'll notice that I don't always use the -v option with the tar command. This option displays a list of all files being processed by the command and would have resulted in larger screen output. It is entirely optional for this process, but can provide a good check to see if the right files are being processed. When running tar to extract the local file, a large number of files will be processed. I've also used the ls -l command a few times in the below image. This was done to ensure that the file copied correctly.
password6.jpg
6) Once the file has been copied back to the /bootbank partition the host can be rebooted back into ESXi. You'll be able to login with the root account with no password and will be greeted with the familiar message to change the root password.
password7.jpg
您没有权限查看这个主题的附件。

回复