# Root password does not login? Cannot create in password in single user mode?



## tentimesobelix (Oct 22, 2018)

Hi Forum,

When I boot up FreeBSD for the first time
(not completely the first time - as I've had earlier versions installed and had the same problem,
but didn't report it because I was trying to find a solution.) the root password or the user password
just says login incorrect. I am sure the passwords were correct 100%.
So eg.

```
Login: root
          Password: this-is-not-the-correct-password-it-has-Letters-Numbers-and-Symbols-in-it
Error: Login incorrect
```

So I boot into single user mode and I type:
`mount -u -o rw /`
then `password root`
try a few password combinations, get them right 100%, but it still comes up with *Error: Password Mismatch, press EOF to quit.*
then `vipw`
then get rid of the "c" in csh in the root area up the top. Probably cause I think its caused by the root shell not being *sh.
This does not work. Is there something wrong with my hardware?* It doesn't like all that Advanced Configuration Power Interface stuff.
Errors with that could be related I suppose.


----------



## ShelLuser (Oct 22, 2018)

Are you sure this happened on FreeBSD and not some kind of derivative? Reason I ask is because FreeBSD doesn't have a password command. That error message is also not something I'd associate with a vanilla FreeBSD environment. 

Also: changing the shell from csh into sh won't help with this because password issues have nothing to do with the shell itself.

Anyway, this has nothing to do with with your hardware, it's more likely that this is a misconfigured setup.


----------



## tentimesobelix (Oct 22, 2018)

The Error wasn't Password Mismatch, btw. I am sorry but I can't seem to get a screenshot of it. It began with 
	
	



```
(pw) error
```
Sorry it was `passwd` and not *password* like you said. No its not a derivative. And its the stable FreeBSD Release 11.2. But earlier versions didn't work either.
I tried ZFS or UFS automated in the setup. Never tried to manually partition my disk or from the shell. Configured ZFS stripe to use 1 Hard Disk. Accepted the 4K Cluster
size. Changed the Swap Size from 2G to 16G (twice my RAM). Didn't Encrypt disk or Swap. If I installed using UFS the next time round (because of the same passwd error), I accepted
the defaults.
I networked an ethernet cable with a 4G modem all setup. I set my hostname as snake.reptiles365.net.au (made up) and place that above the nameserver numbers. *Maybe this is where It went
wrong. Networking never seems to get right for me after the installation. I am the system administrator so I have no one to ask but you ladies and gentlemen for help.*
I also enabled the moused, the ntpd and the powerd (as its a laptop), went into security preferences and _randomized new processes, disabled remote logging and disabled sendmail._
Do these options make it fail and should be left alone?
Also when adding a user account, I set the login class to *staff* (because I am an OpenBSD user and it increases performance if you tweak login.conf settings. But this shouldn't affect
the root account practically being disabled.
Anyway I probably should learn how to avoid the root account, create my LAN over Wifi (I mean connect all my computers together with Kerberos, OpenSSH and LDAP or something) and use
password-less logins. But in the mean time, do you know anything about my problems?


----------



## Tcll (Oct 22, 2019)

tentimesobelix said:


> The Error wasn't Password Mismatch, btw. I am sorry but I can't seem to get a screenshot of it. It began with
> 
> 
> 
> ...


figured I'd post here because I just recently switched to OpenBSD and am having the exact same issue
I can login to my user account, but not my root account which has a more secure password with symbols.

it would seem the symbols are the reason the installation goes through, but you can't login once booted.
hopefully this gets fixed because level-1 security (A-z + 0-9) can easily be brute forced depending on password length (less than 128 characters)

for more detail on what I mean by "level-1 security", here's the password security levels according to my password generator:
level-1: A-z + 0-9
level-2: level-1 + common symbols (' !#$%&()*+,-.:;<>?@[]^_{|}~')
level-3: UTF-8
level-4: UTF-16
(levels determined by password security (what characters are allowed) of various websites)


OT-fun: weird coincidence I'm having this issue on the exact same day 1 year later (literally created this account for that reason XD)
note: I've been planning to get involved for some time, just that me having this issue this day made me create it sooner (I just had to)


----------



## SirDice (Oct 22, 2019)

Tcll said:


> figured I'd post here because I just recently switched to OpenBSD and am having the exact same issue
> I can login to my user account, but not my root account which has a more secure password with symbols.


As somebody that came from OpenBSD you should be familiar with the fact that root is not allowed to login remotely.



Tcll said:


> it would seem the symbols are the reason the installation goes through, but you can't login once booted.


A trap I fell for more than once, take your keyboard layout into account. Certain symbols move around when a different keyboard layout is used. For example the @ and " are sometimes swapped depending on the layout. If your password has any of those you may be blindly typing the wrong character (and therefor the wrong password) because the keyboard is set to a different layout.


----------



## SirDice (Oct 22, 2019)

The easiest way to test if the layout is wrong or not is to enter some of those special characters at the login prompt. You'll quickly see if the keyboard layout is correct or not.


----------



## Deleted member 30996 (Oct 22, 2019)

Tcll said:


> I can login to my user account, but not my root account which has a more secure password with symbols.



What am I missing here? That's not the error I get when entering the wrong password to become root from my user account:


```
$ uname -a
FreeBSD unmei 11.2-RELEASE-p14 FreeBSD 11.2-RELEASE-p14 #0: Mon Aug 19 22:38:50 UTC 2019     root@amd64-builder.daemonology.net:/usr/obj/usr/src/sys/GENERIC  amd64
$ su
Password:
su: Sorry
$
```

I never log in directly as root and always `su` from my user account. I know special characters are allowed in both the user and root passwords because I use some you listed.


----------



## userxbw (Oct 23, 2019)

I do not know much, but could one not use a usb stick with bsd on it, boot that, you got a terminal , then mount and chroot  the system then  use that super user to add, or change the passwd?

change paswd








						Freebsd changing password - nixCraft
					

Q. How do I change a password under FreeBSD or Linux (UNIX) operating systems? A. The FreeBSD passwd utility changes the user’s local, Kerberos, or NIS password. If the user is not the super-user, passwd first prompts for the current password and will not continue unless the correct password is...




					www.cyberciti.biz


----------



## richardtoohey2 (Oct 23, 2019)

I use OpenBSD and FreeBSD on a daily basis and not encountered anything like this.  I'd recommend trying a FreeBSD on another machine and just take the defaults while you are experimenting.  Keep everything very simple and use the defaults.

The only login/user issue I get sometimes is this one:









						Solved - Error adding new user - pw: user 'anne' disappeared during update
					

Hei,  As root, I'm trying to add a new user with adduser but it returnes a strange error when I confirm. Only the group 'anne' gets created, but nothing more. I checked pw for something helpful as it seems like it's pw creating the error and checked /var/log/messages and /var/log/auth.log but...




					forums.freebsd.org
				




Just mentioning it because it does start with "pw" as per your description but otherwise think it is unlikely to be the issue.

As userxbw says - you can boot off a Live CD or USB and then change the root password.  (_Something_ like this article: https://www.cyberciti.biz/tips/howto-freebsd-reset-recover-root-password.html) Maybe change it to something simple to start with and make sure it all works.  Then try longer/more complicated passwords and see if you can find the underlying issue(s).


----------



## SirDice (Oct 23, 2019)

userxbw said:


> I do not know much, but could one not use a usb stick with bsd on it, boot that, you got a terminal , then mount and chroot the system then use that super user to add, or change the passwd?


No need for all that, you can simply boot to single user mode, mount the filesystems read/write and change root's password.


----------



## userxbw (Oct 23, 2019)

w/o root privileges? Interesting... 
Well I did say, "I do not know much,"


----------



## ljboiler (Oct 23, 2019)

Why do you think it's called "single user mode"?   There is only a single user allowed on the system, no login required, and that user is root.


----------



## userxbw (Oct 24, 2019)

ljboiler said:


> Why do you think it's called "single user mode"?   There is only a single user allowed on the system, no login required, and that user is root.


shows you how much I know about that one...

(perfect example of what happens when ones  is in passive mode).

thanks for stepping in and giving the logical line of thought to clarify that.


----------



## SirDice (Oct 24, 2019)

You can force root to login for single user mode. You'll need to edit /etc/ttys and change the `console` line from `secure` to `insecure`. But keep in mind this is rather superficial and can easily be circumvented. If an attacker has physical access to your server, all bets are off any way. To protect against that you'll need to resort to things like full disk encryption.


----------

