Resetting the root password on a remote virtualbox VM

I am still working on the drafts of the FreePBX post(s). I will finish those some time soon. Until then, here is a quick write up of something that I did for a client yesterday.

The client has a virtualized server running on one of their servers at a remote facility. The server is running an older version of Ubuntu. The problem is that the admin who setup the system is no longer with the company, unavailable, and they do not have the root password or the password of any users on the system. The server is running a very specific service that hasn’t needed an update in years, but now they need to update it and would like install all of the latest security patches on the system as well.

The host system was hacked together. Debian 6, Virtualbox 3.2. It looks like they tried to setup VBoxWeb but didn’t get it working. Everything in unusual places with no documentation. The ex-admin had wiped his history before he left and that info wasn’t backed up. Other virtual machines running on the system are critical so I couldn’t reinstall things to get everything working. Leaving the system the way it was I probably could have spent a few hours figure out what was going on but the client was a little impatient. So I simply fixed the problem in the quickest way possible and got out of there. Here is what I did.

Connect to the remote system using SSH
ssh -X user@hostsystem

Check the Vmservername of the running VMs
sudo VirtualBox list runningvms

The host server and vm are box 64 bit Linux, so copy a 64 bit LiveCD ISO to the server
cd /virtualboxes/ISO
scp myusername@mylaptopipaddress:/home/myusername/ISO/ubuntu-mini-remix-14.10-amd64.iso .

Attempt #1 to shutdown the vm
sudo VBoxManage controlvm vmservername acpipowerbutton

Explain the possible problems this would cause to the client, then forcefully shutdown the vm
sudo VBoxManage controlvm Vmservername poweroff

Launch the Virtualbox Manager over SSH X11 forward
sudo VirtualBox

Find the server in the list, right-click Settings. Select Storage and add the LiveCD to the CD/DVD drive. Close the Virtualbox Manager.

Boot the VM in headless mode with, the output should give you the RDP port number
sudo VBoxHeadless -s Vmservername

On my laptop I used rdesktop to connect to the VM, on port 10094
rdesktop Vmservername:10094

I then used the standard chroot method to change the root password and shutdown the system
fdisk -l
mkdir /mnt/vmservername
mount /dev/sda1 /mnt/vmservername
chroot /mnt/vmservername
passwd root
shutdown -h now

Launch the Virtualbox Manager again and remove the LiveCD iso
sudo VirtualBox

Restart the VM
sudo VBoxManage startvm Vmservername

I verified I could access the server via SSH as root. I explained to the client that this is a bad thing and made a few quick changes to the SSH configuration after adding a user with sudo access.

I am sure there was an easier or better way to do this. This just seemed like the quickest at the time. Hope this helps someone.

No comments

Leave a Reply