Password reset for ~1998 AIX on RS/6000?
mtapley at swri.edu
Mon Feb 5 19:56:16 CST 2018
On Feb 3, 2018, at 9:08 AM, Jules Richardson via cctech <cctech at classiccmp.org> wrote:
> On 02/01/2018 02:28 PM, Tapley, Mark via cctech wrote:
>> Is there a standard procedure for recovering lost passwords for these
>> systems, or for resetting passwords? I do have physical access to the
>> machine; it’s possible I can find an AIX install disk but it’s *highly*
>> desirable to preserve the contents of the existing hard drive.
> I want to say that my machine's a 43P-140, too (and I actually have a pair of them, but one has some form of hardware fault)
> Anyway, for mine, I seem to remember putting the drive into one of my SGIs (I didn't have a PC with SCSI on this side of the Atlantic) and writing a little script which read the drive block-by-block, saving any to the SGI which looked like they might be file fragments containing root password entries.
> That gave me ten or so blocks, which I then moved over to a Linux PC (which had a little more CPU power than the SGI). AIX's password file format is a little different to that of everyone else (of course), so I had to tweak the data to get it into the right format. From there, it was just a case of running a Unix password cracker and it just took a minute or two to find the root password.
> I forget now which version of AIX I have; I remember that the password mechanism changed at some point (and 99% of the information I found at the time via Google related to a different version; it was hard to find details on the one that I have)
One last update, just in case you are curious.
Although ftpd is disabled on the RS/6000 so at least the weakness Doug pointed out would not have let me in, his post convinced me our help desk would frown at putting it on our network. (And, although the suggestions to put the disk on a modern machine to read are good, I’m a bit scared of the idea of disassembling a functioning system - I’m not that great a technician…. anyway the install CD and IBM technote referenced earlier were enough to get me root access.)
Rather than working through smit/smitty to change the IP address and putting the machine onto our network, I instead used a straight-through ethernet cable to connect it directly (no hub) to my 1 GHz Aluminum Powerbook G4. (The ethernet port on the laptop is auto-sensing, else I’d have needed a crossover cable.) I set the IP address manually on the G4 ethernet to be only a few bits away from the RS/6000’s existing IP address (per “ifconfig" and set the netmask to be the same. Mac OS X.4 on the G4 does have ftpd running, so I was able to ftp from the RS/6000 to the G4 and push .tar archives across. I remembered to command “binary” in FTP before starting the transfer.
Once on the G4, “tar -xvf <filename>” extracted the archives, apparently successfully (although I have not tested any of the binaries, they are of secondary importance). Of note, double-clicking on the .tar did *not* succeed in expanding it.
I reconfigured the G4 back to its normal ethernet setting and put it back on the network, then used TenFourFox (thanks again, Cameron!) to push the .tar files up to our institute large-file http transfer service, then sent links to the Goddard and other folks who needed them.
I’m still hanging fire on confirmation that the files made it there OK, but I’m —><— this close to declaring total success on this operation.
Next step, hopefully, re-vitalizing the RAD-6000s we have had in cold storage (in orbit) for 12 years!
Again, many many thanks for the suggestions and help!
More information about the cctalk