OXE Passwords & the /etc/shadow file

Information contained in the shadow file

If anyone is interested, this is how I worked out what the password was.

I did a backup from the cmd line and transferred the cho-dat file to my laptop. I then used 7-Zip to open the archive, went to CHO-DAT\CHO-DAT~\\etc\ and opened the shadow file using Notepad++.

The format of the file is as follows, with each element separated by a colon (:):

root:$1$jrTtj3TY$.rhLPcNiiLy8IyKWLwKXm0:16403:0:99999:7:::

Which equates to:

  1. Username, up to 8 characters. Case-sensitive, usually all lowercase. A direct match to the username in the /etc/passwd file.
  2. Password, 13 character encrypted. A blank entry (e.g. ::) indicates a password is not required to log in (usually a bad idea), and a “*” entry (e.g. :*:) indicates the account has been disabled. The first three characters here indicate the type of algorithm used (which in this case is MD5).
  3. The number of days (since January 1, 1970) since the password was last changed.
  4. The number of days before password may be changed (0 indicates it may be changed at any time)
  5. The number of days after which password must be changed (99999 indicates user can keep his or her password unchanged for many, many years)
  6. The number of days to warn user of an expiring password (7 for a full week)
  7. The number of days after password expires that account is disabled
  8. The number of days since January 1, 1970 that an account has been disabled
  9. A reserved field for possible future use

Now at this point I was wondering if it would be possible to edit the file line for root with a known password (it may be, as I didn’t have to go that far), but instead, when I read 3 above, I realized that the password had not been changed since Saturday, November 29, 2014, which is probably the date that I finished installing it originally. There are a number of web pages that do this for you if you're keen; the one I used is https://www.epochconverter.com/seconds-days-since-y0
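As an added example (not code from the original post), the Python below splits a shadow line into the nine fields listed above, identifies the hash scheme from its `$id$` prefix, and converts field 3 to a calendar date so stale or weakly hashed accounts can be flagged during an audit. The sample line is constructed (numeric fields as in the post, placeholder salt and hash); the function names and the treatment of a leading `!` as locked are assumptions of this example.

```python
from datetime import date, timedelta

# Well-known crypt(3) scheme identifiers (the text between the first two '$').
SCHEMES = {"1": "MD5-crypt", "2a": "bcrypt", "2b": "bcrypt", "2y": "bcrypt",
           "5": "SHA-256-crypt", "6": "SHA-512-crypt", "y": "yescrypt"}
WEAK = {"MD5-crypt", "DES-crypt"}
FIELDS = ("user", "password", "last_change", "min_days", "max_days",
          "warn_days", "inactive_days", "expire_day", "reserved")
EPOCH = date(1970, 1, 1)


def classify_password(field):
    """Return (state, scheme) for the second shadow field."""
    if field == "":
        return "no password required", None
    if field[0] in "*!":  # '*' as in the post; '!' is the usual lock marker
        return "locked/disabled", None
    if field.startswith("$"):
        parts = field.split("$")
        return "hashed", SCHEMES.get(parts[1], "unknown ($%s$)" % parts[1])
    # Traditional DES crypt has no prefix and is exactly 13 characters long.
    return ("hashed", "DES-crypt") if len(field) == 13 else ("unrecognised", None)


def audit_shadow_line(line, today=None):
    """Parse one /etc/shadow line; return decoded fields and audit findings."""
    values = line.rstrip("\n").split(":")
    if len(values) != len(FIELDS):
        raise ValueError("expected 9 colon-separated fields, got %d" % len(values))
    rec = dict(zip(FIELDS, values))
    state, scheme = classify_password(rec["password"])
    findings = []
    if state == "no password required":
        findings.append("empty password field")
    if scheme in WEAK:
        findings.append("weak hash scheme: " + scheme)
    changed = None
    if rec["last_change"].isdigit() and int(rec["last_change"]) > 0:
        changed = EPOCH + timedelta(days=int(rec["last_change"]))
        age = ((today or date.today()) - changed).days
        if rec["max_days"].isdigit() and age > int(rec["max_days"]):
            findings.append("password older than max_days")
    return {"user": rec["user"], "state": state, "scheme": scheme,
            "last_changed": changed, "findings": findings}


# Constructed sample: numeric fields as in the post, salt and hash are placeholders.
SAMPLE = "root:$1$saltsalt$AAAAAAAAAAAAAAAAAAAAAA:16403:0:99999:7:::"
print(audit_shadow_line(SAMPLE))
```

For the sample line, `last_changed` comes out as 2014-11-29, matching the date worked out in the post.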

Written by: chris.newby