Recalbox Forum

    • Register
    • Login
    • Search
    • Recent
    • Tags
    • recalbox.com
    • Gitlab repository
    • Documentation
    • Discord

    Change root password

    Recalbox General
    root password
    8
    27
    14669
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • tstone2077
      tstone2077 last edited by

      I like recalbox A LOT, but the fact that I can't change my root password on my own machine is highly disturbing. I am not sure why you would want to mount / as read only, but without me owning root, I can't get behind recalbox.

      Is there a way to change the root password?

      1 Reply Last reply Reply Quote 1
      • Substring
        Substring last edited by

        mount -o remount, rw /
        passwd
        

        Should be enough

        Former dev - Please reply with @substring so that i am notified when you answer me
        Ex dev - Merci de me répondre en utilisant @substring pour que je sois notifé

        tstone2077 1 Reply Last reply Reply Quote 2
        • tstone2077
          tstone2077 @Substring last edited by

          @Substring Awesome! Thanks! I didn't realize you could reset the options on a mounted FS.

          1 Reply Last reply Reply Quote 0
          • ian57
            ian57 Staff last edited by

            Welcome in the world of linux... a real OS !

            "UNIX is basically a simple operating system, but you have to be a genius to understand the simplicity." Dennis Ritchie

            1 Reply Last reply Reply Quote 1
            • unik314r
              unik314r last edited by unik314r

              All right is there something that has changed in 4.1? I can't change password, despite all my tests (I work in the IT, I hope I'm not that dumb...) :

              • 1st try : via ssh
                rw on /
                passwd twice
                reboot (shutdown -r now) --> passwd still recalboxroot

              • 2nd try : via F4 and ALT-F2
                rw on /
                passwd
                reboot (shutdown -r now) --> passwd still recalboxroot

              • 3rd try: via ssh
                rw on /
                passwd
                logout then ssh (without rebooting) --> new passwd is ok 😄 😄
                reboot (shutdown -r now) --> passwd still recalboxroot

              • 4th try: via ssh
                rw on /
                passwd
                logout then ssh (without rebooting) --> new passwd is ok 😄 😄
                reboot (via reboot) --> passwd still recalboxroot

              • 5th try: via ssh
                rw on /
                passwd
                logout then ssh (without rebooting) --> new passwd is ok 😄 😄
                reboot (via emulationstation's interface) --> passwd still recalboxroot

              Here is my history... in case...:

              # mount -o remount,rw /
              # passwd
              Changing password for root
              New password:
              Retype password:
              passwd: password for root changed by root

              # logout
              Connection to 192.168.1.30 closed.
              tux@TUX-FIXE:~$ ssh root@192.168.1.30
              root@192.168.1.30's password:

              # reboot
              WARNING: could not determine runlevel - doing soft reboot
              (it's better to use shutdown instead of reboot from the command line)

              Broadcast message from root@BARTOP (pts/0) (Tue Oct 17 22:08:51 2017):

              The system is going down for reboot NOW!
              # Connection to 192.168.1.30 closed by remote host.
              Connection to 192.168.1.30 closed.
              tux@TUX-FIXE:~$ ssh root@192.168.1.30
              root@192.168.1.30's password:
              Permission denied, please try again.
              root@192.168.1.30's password:

              I add that /etc/passwd has correctly been touched:

              # ls -ltrh /etc/passwd
              -rw-r--r-- 1 root root 452 Oct 17 22:08 /etc/passwd

              So as you can see: password can correctly be changed, stored, and it even works.... only until I reboot the machine -_-

              Any hint?

              Substring 1 Reply Last reply Reply Quote 0
              • Substring
                Substring @unik314r last edited by

                @unik314r you can't change it, we're nto using the standard linux mechanisms for password registration. You could "eventually" activate the secure mode if you want a different root password (and i'm not even sure you can change it afterwards). But beware, deactivating the secure mode has many more consequences and can't be disabled from ES for now

                Former dev - Please reply with @substring so that i am notified when you answer me
                Ex dev - Merci de me répondre en utilisant @substring pour que je sois notifé

                rockaddicted 1 Reply Last reply Reply Quote 0
                • rockaddicted
                  rockaddicted @Substring last edited by

                  @substring said in Change root password:

                  (and i'm not even sure you can change it afterwards)

                  you can, but by disabling option in recalbox.conf.
                  The switch in ES is buggy, I've done a merge request, will be fixed once merged and deployed.

                  The issue about changing the root password is about this "security option".
                  At every boot, there is a "security option" check, and if the option is not enabled, the password is reset by default.
                  https://gitlab.com/recalbox/recalbox/blob/master/board/recalbox/fsoverlay/recalbox/scripts/recalbox-config.sh#L58

                  Recalbox V4.1.0 - RPI3 OC - Xbox360 wireless
                  Wiki ENG : https://github.com/recalbox/recalbox-os/wiki/Mini-How-To-(EN)
                  Wiki FR : https://github.com/recalbox/recalbox-os/wiki/Mini-How-To-(FR)

                  Don't forget to upvote messages if it has been useful ;)

                  unik314r 1 Reply Last reply Reply Quote 0
                  • unik314r
                    unik314r last edited by

                    Great so I'm not that dumb 😄
                    I'll try it asap and I'll tell you.

                    Thanks a lot 🙂

                    1 Reply Last reply Reply Quote 0
                    • unik314r
                      unik314r @rockaddicted last edited by

                      @rockaddicted

                      LOL
                      I changed "recalboxroot" password for my personal one.
                      Tried a logout/login via ssh --> success, ok new password is set.
                      Then I switched to system.security.enabled=1 in recalbox.conf (as you said in your previous post)

                      # shutdown -r now

                      --> Now I can't ssh neither with my new password, nor with "recalboxroot" 😛 😛

                      I guess I'll have to F2/ALT-F4 when I get back home... But I'm not sure since I think login is also asked...
                      Maybe I'll have to take SD off and mount it on my PC in order to be able to edit recalbox.conf manually...

                      (And when I'll get system.security.enabled=0 back I think I'll do:

                      if [ "$securityenabled" != "1" ];then
                          echo "MY_PERSO_PASSWD_LOL"
                          exit 0
                      fi
                      

                      ...Dirty but might work...

                      1 Reply Last reply Reply Quote 0
                      • rockaddicted
                        rockaddicted last edited by

                        @unik314r I never said you will be able to change your root password by a custom one.
                        I was replying to @Substring that said you could maybe not able to disable the security option, once activated.

                        So to behavior about this option and the root password is :

                        • on boot recalbox check this option statut :

                          • security option disabled : If disabled, system force the default root pass recalboxroot (to reset it).

                          • security option enabled: If enabled, system generate a random root pass that if available in ES menu option. This one is reset on option disabled and system rebooted.

                        So for the moment there no way to change the root password to use a custom one.
                        If you want to do that, you must edit the recalbox-config.sh script as you done.

                        We'll maybe manage this case in a next release. But for the moment it is generic or random password only.

                        Recalbox V4.1.0 - RPI3 OC - Xbox360 wireless
                        Wiki ENG : https://github.com/recalbox/recalbox-os/wiki/Mini-How-To-(EN)
                        Wiki FR : https://github.com/recalbox/recalbox-os/wiki/Mini-How-To-(FR)

                        Don't forget to upvote messages if it has been useful ;)

                        unik314r 1 Reply Last reply Reply Quote 0
                        • unik314r
                          unik314r @rockaddicted last edited by

                          @rockaddicted
                          Fine, it's now completely clear.
                          Thanks!

                          rockaddicted 1 Reply Last reply Reply Quote 0
                          • rockaddicted
                            rockaddicted @unik314r last edited by

                            @unik314r you are welcome

                            Recalbox V4.1.0 - RPI3 OC - Xbox360 wireless
                            Wiki ENG : https://github.com/recalbox/recalbox-os/wiki/Mini-How-To-(EN)
                            Wiki FR : https://github.com/recalbox/recalbox-os/wiki/Mini-How-To-(FR)

                            Don't forget to upvote messages if it has been useful ;)

                            1 Reply Last reply Reply Quote 0
                            • valvolt
                              valvolt last edited by

                              Uh... so if I understood correctly:

                              • if you do not activate the security option, you are in 'insecure' mode 😉
                              • in 'secure' mode you get a one-time random password

                              I see the intent, even if I'm not convinced by the approach.
                              Questions:

                              • in the system.security.enabled=0 what else is auto-reset? In other words, how valid are the security tips valid for 4.0 and above written here https://github.com/recalbox/recalbox-os/wiki/Security-(EN) ?
                              • do you have documentation somewhere about what happens when you enable security? Namely, does it affect the Wifi password storage or the retroachievement password storage?

                              I volunteer to write a new document on the wiki for 4.1 if you provide the info 😉

                              RPi3 & XArcade Tankstick running inside the Street Fighter cabinet - Now SECURE YOUR BOX!

                              rockaddicted 1 Reply Last reply Reply Quote 0
                              • rockaddicted
                                rockaddicted @valvolt last edited by

                                @valvolt

                                • if option not enabled = recalboxroot as password (regenerated at each boot, so no way to use a custom defined one).
                                • if option enabled = system generates an random one (can't be define by user). This password will be same until you disable the option. System don't generates a new one at each reboot.
                                  So yes you can't define it, but once activated and pass stored in your big brain, no issue. (you can find it easily in ES menu, but need a physical access on your recalbox).

                                About security option features, I'll have to read the source code because I didn't write this option and it is not documented.
                                But here are the behaviors that I remember :

                                • disable virtualgamepads
                                • disable webmanager
                                • add a password to samba share
                                • generate a random root password

                                There is maybe other features impacted. I'll have to check if I find a moment.

                                Recalbox V4.1.0 - RPI3 OC - Xbox360 wireless
                                Wiki ENG : https://github.com/recalbox/recalbox-os/wiki/Mini-How-To-(EN)
                                Wiki FR : https://github.com/recalbox/recalbox-os/wiki/Mini-How-To-(FR)

                                Don't forget to upvote messages if it has been useful ;)

                                1 Reply Last reply Reply Quote 0
                                • rockaddicted
                                  rockaddicted last edited by

                                  FYI, the ES switch to manage this option is currently broken.
                                  So once this option enabled in ES, you'll have to edit recalbox.conf to disable it.
                                  Will be fixed in a next upgrade.

                                  Recalbox V4.1.0 - RPI3 OC - Xbox360 wireless
                                  Wiki ENG : https://github.com/recalbox/recalbox-os/wiki/Mini-How-To-(EN)
                                  Wiki FR : https://github.com/recalbox/recalbox-os/wiki/Mini-How-To-(FR)

                                  Don't forget to upvote messages if it has been useful ;)

                                  unik314r 1 Reply Last reply Reply Quote 0
                                  • unik314r
                                    unik314r @rockaddicted last edited by

                                    @rockaddicted "So once this option enabled in ES, you'll have to edit recalbox.conf to disable it."
                                    I don't agree: I've tried many times to edit from system.security.enabled=1 to system.security.enabled=0 (manually, vi etc...) but 1 still comes back at each reboot.

                                    May be I should

                                    • kill emulationstation
                                    • change to 0
                                    • shutdown -r now

                                    Anyway, setting my own password in scripts/recalbox-config.sh here

                                    if [ "$securityenabled" != "1" ];then
                                    echo "MY_OWN_PASSWD"
                                    exit 0
                                    fi

                                    did not work either (I think it's normal: system.security.enabled is still at 1)

                                    However, when I set my passwd with recalbox-config.sh:
                                    # recalbox-config.sh setRootPassword MY_OWN_PASSWD

                                    --> It stores (and encodes) MY_OWN_PASSWD in /boot/recalbox-boot.conf

                                    So now, I have:

                                    • system.security.enabled=1 in recalbox.conf
                                    • "recalboxroot" set in recalbox-config.sh
                                    • "MY_OWN_PASSWD" (encoded) in /boot/recalbox-boot.conf

                                    --> Now I can ssh with "MY_OWN_PASSWD" and I have security enabled.

                                    unik314r 1 Reply Last reply Reply Quote 0
                                    • unik314r
                                      unik314r @unik314r last edited by

                                      @unik314r said in Change root password:

                                      May be I should

                                      • kill emulationstation
                                      • change to 0
                                      • shutdown -r now

                                      Yes it worked: system.security.enabled stayed at 0 after reboot.

                                      1 Reply Last reply Reply Quote 0
                                      • unik314r
                                        unik314r last edited by

                                        o_O ...
                                        Kind of strange:

                                        # grep security.enabled ~/recalbox.conf
                                        system.security.enabled=0
                                        #
                                        --> OK, password = what is written in recalbox-config.sh

                                        # grep recalboxroot /recalbox/scripts/recalbox-config.sh
                                        #
                                        --> OK, default password is not recalboxroot anymore, indeed I set my own:

                                        # grep Vi /recalbox/scripts/recalbox-config.sh
                                        echo "Vi......."
                                        #

                                        --> But ssh only works with recalboxroot !

                                        (I checked rootshadowpassword = it still corresponds to my own passwd , encoded)

                                        I double-rebooted --> passwd is still recalboxroot

                                        Does recalbox manages passwords somewhere else? Did I miss something?

                                        frankie842 1 Reply Last reply Reply Quote 0
                                        • frankie842
                                          frankie842 @unik314r last edited by

                                          @unik314r My son accidently changed my root password, and or turned on secure mode on the recalbox. Now I can't use the web based manager. When I put in the IP address of the recalbox into my url, it says server unavailable. How do I get back to using the web based manager?
                                          Thanks

                                          1 Reply Last reply Reply Quote 0
                                          • rockaddicted
                                            rockaddicted last edited by

                                            @frankie842 in ES, in security menu, you have your new root password.
                                            Access to your recalbox with your network whare (samba). Use root/your_root_password to log you.
                                            Then edit your recalbox.conf et disable security option.
                                            Once done, reboot your recalbox, and the option should be sactivated.
                                            When you are editing your recalbox.conf file, keep your ES menu closed. if don't, your modifications wont be effective.

                                            Recalbox V4.1.0 - RPI3 OC - Xbox360 wireless
                                            Wiki ENG : https://github.com/recalbox/recalbox-os/wiki/Mini-How-To-(EN)
                                            Wiki FR : https://github.com/recalbox/recalbox-os/wiki/Mini-How-To-(FR)

                                            Don't forget to upvote messages if it has been useful ;)

                                            frankie842 1 Reply Last reply Reply Quote 0
                                            • First post
                                              Last post

                                            Want to support us ?

                                            80
                                            Online

                                            90.9k
                                            Users

                                            26.5k
                                            Topics

                                            182.3k
                                            Posts

                                            Copyright © 2021 recalbox.com