18

On a Server an user 16040 has lost his password. I have password for root but don't have password for user 16040. How can I reset his password?

With passwd 16040, unix ask me current password that I don't have. Is there a command for reset a user's password without current password?

passwd 16040
Changing password for 16040.
Current password for [email protected]:
Gilles 'SO- stop being evil'
  • 807,993
  • 194
  • 1,674
  • 2,175
Catanzaro
  • 281
  • 1
  • 2
  • 3

3 Answers3

24

If you run passwd 16040 as root, you will not be asked for the current password.

After changing the password, you should consider issuing chage -d 0 16040. This sets the password's last change date far in the past; assuming passwords are set to expire on your system, this will force the user to change their password after logging in. This gives them a chance to choose a password only known to them.

dhag
  • 15,440
  • 4
  • 54
  • 65
Artur Szymczak
  • 1,913
  • 12
  • 12
3

You should issue passwd 16040 as root (sudo passwd 16040 if your user is in the sudoers file) to change his/her password. It won't ask you for the current one.

Or, if you have physical access to the box, you can append init=/bin/bash as kernel parameter to get root access and then issue passwd 16040.

peperunas
  • 203
  • 2
  • 8
  • 3
    Having a prompt in inline commands is rather puzzling and can easily be misinterpreted as being part of the command. Please only use prompts in block quotes. Additionally, `# >` is rather uncommon and here `>` simply invites to be misinterpreted as part of the command — common practice is using a simple `#` for `root`-shells and `$` for non-root ones. – Andreas Wiese Apr 28 '14 at 11:26
  • You're right, I've edited my answer for sake of clarity. Thanks. – peperunas Jun 22 '15 at 06:12
1

If you cannot log directly as a root you can try

  • sudo /usr/bin/passwd 16040.
  • sudo -i and after /usr/bin/passwd 16040

I'm assuming that passwd is in /usr/bin (you can verify with the command which passwd)

Hastur
  • 2,325
  • 16
  • 32
  • `sudo bash` for starting a `root` shell is (although common) really, really bad `sudo` practice. It's `sudo -s` or `sudo -i` (non-login or login-shell, resp.). This even honors your default shell set in `/etc/passwd` without having to care about it yourself. Additionally, `bash` without a complete path is a bad idea on its own, since this would be one of the first fake-binaries a malicious user would put somewhere into `$PATH`. – Andreas Wiese Apr 29 '14 at 13:26
  • I agree about the full path specification, and the use of `sudo -i`, and so I modified the answer... but if you speak about security and the possibility of a troian hidden in the `$PATH` maybe it's better to avoid to use `sudo -s` since you add at least the `$USER/bin` directory and all the alias you can imagine... :-) – Hastur Apr 29 '14 at 14:32
  • Good point, indeed, but depends on `sudo` configuration: the default configuration shipped with `sudo` doesn't keep the `$HOME` variable set, thus you'd end up having your own rc-files sourced, not the `$SUDO_USER`'s ones. – Andreas Wiese Apr 29 '14 at 14:34