Authentication token manipulation error
I forgot my Ubuntu password so I booted into recovery and dropped into a root shell prompt and this is what happened:
root@username-PC:~# passwd username
Enter new UNIX password:
Retype new UNIX password:
passwd: Authentication token manipulation error
passwd: password unchanged
password-recovery
add a comment |
I forgot my Ubuntu password so I booted into recovery and dropped into a root shell prompt and this is what happened:
root@username-PC:~# passwd username
Enter new UNIX password:
Retype new UNIX password:
passwd: Authentication token manipulation error
passwd: password unchanged
password-recovery
1
Another possible solution can be found at root can change the password of a user, but the user herself cannot.
– Melebius
Jul 23 '18 at 12:13
add a comment |
I forgot my Ubuntu password so I booted into recovery and dropped into a root shell prompt and this is what happened:
root@username-PC:~# passwd username
Enter new UNIX password:
Retype new UNIX password:
passwd: Authentication token manipulation error
passwd: password unchanged
password-recovery
I forgot my Ubuntu password so I booted into recovery and dropped into a root shell prompt and this is what happened:
root@username-PC:~# passwd username
Enter new UNIX password:
Retype new UNIX password:
passwd: Authentication token manipulation error
passwd: password unchanged
password-recovery
password-recovery
edited Dec 15 '13 at 14:21
Braiam
52.1k20136222
52.1k20136222
asked Dec 29 '11 at 5:22
era878era878
1,00921319
1,00921319
1
Another possible solution can be found at root can change the password of a user, but the user herself cannot.
– Melebius
Jul 23 '18 at 12:13
add a comment |
1
Another possible solution can be found at root can change the password of a user, but the user herself cannot.
– Melebius
Jul 23 '18 at 12:13
1
1
Another possible solution can be found at root can change the password of a user, but the user herself cannot.
– Melebius
Jul 23 '18 at 12:13
Another possible solution can be found at root can change the password of a user, but the user herself cannot.
– Melebius
Jul 23 '18 at 12:13
add a comment |
4 Answers
4
active
oldest
votes
Also make sure you are mounting the file system read/write.
After immediately selecting 'Drop into root shell prompt' I found the filesystem was mounted read only, which prevents resetting the password.
Choosing the option to remount / as read/write and going back into the root shell prompt enabled the password change.
The command to run prior to changing the password is: mount -rw -o remount /
1
even after following these steps it will not accept my password
– angela
Aug 14 '14 at 15:09
2
Odd.mountshowed that/was already mounted as read/write, butmount -rw -o remount /still worked. No idea why.
– Hubro
Dec 2 '15 at 9:11
i am simply one of those idiots who did not read the stdout and forgot to put in the "(current) Unix password" but the password that I want it to be :(
– B.Mr.W.
Aug 1 '16 at 16:27
+1 - Obvious but not assumed. TY! Also, Ubuntu would be smart to mention this when dropping into root shell when using 'recovery' option.. along with a warning about root rw usage..
– bshea
Apr 4 '17 at 15:40
add a comment |
I'm not sure how it happened. A sudo user created my account then deleted it then created it again.
Here is what I found
mount -o remount,rw /
passwd
passwd: Authentication token manipulation error
No change.
sudo pwck
Showed no errors.
sudo grpck
Showed no errors.
ls -l /etc/passwd /etc/group /etc/shadow /etc/shadow-
-rw-r--r-- 1 root root 767 May 7 16:45 /etc/group
-rw-r--r-- 1 root root 1380 May 7 16:45 /etc/passwd
-rw-r----- 1 root shadow 1025 May 8 09:11 /etc/shadow
-rw------- 1 root root 1025 May 7 16:46 /etc/shadow-
Looks normal.
sudo cat /etc/shadow |grep oracle
oracle:$6$FsPqyplr$DrIvjFDSx0ipHmECMw1AU5hTrbNMnnkGRdFlaQcM.p3Rdu2OLjY20tzUTW61HlFH16cal56rKlLuW4j2mK9D.:15833:0:99999:7:::
Showed user and encrypted password.
sudo cat /etc/shadow- |grep oracle
Showed nothing. Not sure what that means but doesn't look right.
sudo passwd -d oracle
passwd
So the solution was to delete the password then reset new password.
Hope this helps.
I originally posted here Getting an "Authentication token manipulation" error when trying to change my user password but google shows this result first so, I re-posted.
1
Use pam-auth-update to ensure that Kerberos is not used as one of pam authentication options - if so, passwd leads to Authentication token manipulation error
– GOST
Apr 9 '16 at 7:44
add a comment |
I got this error by changing password with device where date was not set. (ie. it was random after boot)
Basically what happened was that when I changed the password the illegal timestamp got updated to /etc/shadow. After that one could not use that account to login or change its password. Even with root account it was impossible to change that password again.
To fix the account I had to:
- Set the correct date
- Edit sane expiration/last password change dates to
/etc/shadowfile (I used last working shadow file) - Change the password with root-rights to new one.
add a comment |
This error is coming from PAM (Pluggable Authentication Module) which says the module was unable to obtain the new authentication token (check auth.log for more details about this error).
This is related to your authorization settings found in /etc/pam.d/ directory (such as minimum_uid in common-auth or some other restrictions requisite marks). So please double check that the settings in PAM module are correct.
See: man pam_chauthtok
PAM_AUTHTOK_ERR: A module was unable to obtain the new authentication token.
Sometimes this error may happen when changing password for a user which didn't have the current password set yet and passwd still asks for it, so the workaround is to force the change by adding sudo, e.g.: sudo passwd $USER.
add a comment |
protected by Community♦ May 13 '12 at 12:36
Thank you for your interest in this question.
Because it has attracted low-quality or spam answers that had to be removed, posting an answer now requires 10 reputation on this site (the association bonus does not count).
Would you like to answer one of these unanswered questions instead?
4 Answers
4
active
oldest
votes
4 Answers
4
active
oldest
votes
active
oldest
votes
active
oldest
votes
Also make sure you are mounting the file system read/write.
After immediately selecting 'Drop into root shell prompt' I found the filesystem was mounted read only, which prevents resetting the password.
Choosing the option to remount / as read/write and going back into the root shell prompt enabled the password change.
The command to run prior to changing the password is: mount -rw -o remount /
1
even after following these steps it will not accept my password
– angela
Aug 14 '14 at 15:09
2
Odd.mountshowed that/was already mounted as read/write, butmount -rw -o remount /still worked. No idea why.
– Hubro
Dec 2 '15 at 9:11
i am simply one of those idiots who did not read the stdout and forgot to put in the "(current) Unix password" but the password that I want it to be :(
– B.Mr.W.
Aug 1 '16 at 16:27
+1 - Obvious but not assumed. TY! Also, Ubuntu would be smart to mention this when dropping into root shell when using 'recovery' option.. along with a warning about root rw usage..
– bshea
Apr 4 '17 at 15:40
add a comment |
Also make sure you are mounting the file system read/write.
After immediately selecting 'Drop into root shell prompt' I found the filesystem was mounted read only, which prevents resetting the password.
Choosing the option to remount / as read/write and going back into the root shell prompt enabled the password change.
The command to run prior to changing the password is: mount -rw -o remount /
1
even after following these steps it will not accept my password
– angela
Aug 14 '14 at 15:09
2
Odd.mountshowed that/was already mounted as read/write, butmount -rw -o remount /still worked. No idea why.
– Hubro
Dec 2 '15 at 9:11
i am simply one of those idiots who did not read the stdout and forgot to put in the "(current) Unix password" but the password that I want it to be :(
– B.Mr.W.
Aug 1 '16 at 16:27
+1 - Obvious but not assumed. TY! Also, Ubuntu would be smart to mention this when dropping into root shell when using 'recovery' option.. along with a warning about root rw usage..
– bshea
Apr 4 '17 at 15:40
add a comment |
Also make sure you are mounting the file system read/write.
After immediately selecting 'Drop into root shell prompt' I found the filesystem was mounted read only, which prevents resetting the password.
Choosing the option to remount / as read/write and going back into the root shell prompt enabled the password change.
The command to run prior to changing the password is: mount -rw -o remount /
Also make sure you are mounting the file system read/write.
After immediately selecting 'Drop into root shell prompt' I found the filesystem was mounted read only, which prevents resetting the password.
Choosing the option to remount / as read/write and going back into the root shell prompt enabled the password change.
The command to run prior to changing the password is: mount -rw -o remount /
edited Apr 29 '12 at 14:39
Community♦
1
1
answered Jan 3 '12 at 23:29
BrandonBrandon
1,8261102
1,8261102
1
even after following these steps it will not accept my password
– angela
Aug 14 '14 at 15:09
2
Odd.mountshowed that/was already mounted as read/write, butmount -rw -o remount /still worked. No idea why.
– Hubro
Dec 2 '15 at 9:11
i am simply one of those idiots who did not read the stdout and forgot to put in the "(current) Unix password" but the password that I want it to be :(
– B.Mr.W.
Aug 1 '16 at 16:27
+1 - Obvious but not assumed. TY! Also, Ubuntu would be smart to mention this when dropping into root shell when using 'recovery' option.. along with a warning about root rw usage..
– bshea
Apr 4 '17 at 15:40
add a comment |
1
even after following these steps it will not accept my password
– angela
Aug 14 '14 at 15:09
2
Odd.mountshowed that/was already mounted as read/write, butmount -rw -o remount /still worked. No idea why.
– Hubro
Dec 2 '15 at 9:11
i am simply one of those idiots who did not read the stdout and forgot to put in the "(current) Unix password" but the password that I want it to be :(
– B.Mr.W.
Aug 1 '16 at 16:27
+1 - Obvious but not assumed. TY! Also, Ubuntu would be smart to mention this when dropping into root shell when using 'recovery' option.. along with a warning about root rw usage..
– bshea
Apr 4 '17 at 15:40
1
1
even after following these steps it will not accept my password
– angela
Aug 14 '14 at 15:09
even after following these steps it will not accept my password
– angela
Aug 14 '14 at 15:09
2
2
Odd.
mount showed that / was already mounted as read/write, but mount -rw -o remount / still worked. No idea why.– Hubro
Dec 2 '15 at 9:11
Odd.
mount showed that / was already mounted as read/write, but mount -rw -o remount / still worked. No idea why.– Hubro
Dec 2 '15 at 9:11
i am simply one of those idiots who did not read the stdout and forgot to put in the "(current) Unix password" but the password that I want it to be :(
– B.Mr.W.
Aug 1 '16 at 16:27
i am simply one of those idiots who did not read the stdout and forgot to put in the "(current) Unix password" but the password that I want it to be :(
– B.Mr.W.
Aug 1 '16 at 16:27
+1 - Obvious but not assumed. TY! Also, Ubuntu would be smart to mention this when dropping into root shell when using 'recovery' option.. along with a warning about root rw usage..
– bshea
Apr 4 '17 at 15:40
+1 - Obvious but not assumed. TY! Also, Ubuntu would be smart to mention this when dropping into root shell when using 'recovery' option.. along with a warning about root rw usage..
– bshea
Apr 4 '17 at 15:40
add a comment |
I'm not sure how it happened. A sudo user created my account then deleted it then created it again.
Here is what I found
mount -o remount,rw /
passwd
passwd: Authentication token manipulation error
No change.
sudo pwck
Showed no errors.
sudo grpck
Showed no errors.
ls -l /etc/passwd /etc/group /etc/shadow /etc/shadow-
-rw-r--r-- 1 root root 767 May 7 16:45 /etc/group
-rw-r--r-- 1 root root 1380 May 7 16:45 /etc/passwd
-rw-r----- 1 root shadow 1025 May 8 09:11 /etc/shadow
-rw------- 1 root root 1025 May 7 16:46 /etc/shadow-
Looks normal.
sudo cat /etc/shadow |grep oracle
oracle:$6$FsPqyplr$DrIvjFDSx0ipHmECMw1AU5hTrbNMnnkGRdFlaQcM.p3Rdu2OLjY20tzUTW61HlFH16cal56rKlLuW4j2mK9D.:15833:0:99999:7:::
Showed user and encrypted password.
sudo cat /etc/shadow- |grep oracle
Showed nothing. Not sure what that means but doesn't look right.
sudo passwd -d oracle
passwd
So the solution was to delete the password then reset new password.
Hope this helps.
I originally posted here Getting an "Authentication token manipulation" error when trying to change my user password but google shows this result first so, I re-posted.
1
Use pam-auth-update to ensure that Kerberos is not used as one of pam authentication options - if so, passwd leads to Authentication token manipulation error
– GOST
Apr 9 '16 at 7:44
add a comment |
I'm not sure how it happened. A sudo user created my account then deleted it then created it again.
Here is what I found
mount -o remount,rw /
passwd
passwd: Authentication token manipulation error
No change.
sudo pwck
Showed no errors.
sudo grpck
Showed no errors.
ls -l /etc/passwd /etc/group /etc/shadow /etc/shadow-
-rw-r--r-- 1 root root 767 May 7 16:45 /etc/group
-rw-r--r-- 1 root root 1380 May 7 16:45 /etc/passwd
-rw-r----- 1 root shadow 1025 May 8 09:11 /etc/shadow
-rw------- 1 root root 1025 May 7 16:46 /etc/shadow-
Looks normal.
sudo cat /etc/shadow |grep oracle
oracle:$6$FsPqyplr$DrIvjFDSx0ipHmECMw1AU5hTrbNMnnkGRdFlaQcM.p3Rdu2OLjY20tzUTW61HlFH16cal56rKlLuW4j2mK9D.:15833:0:99999:7:::
Showed user and encrypted password.
sudo cat /etc/shadow- |grep oracle
Showed nothing. Not sure what that means but doesn't look right.
sudo passwd -d oracle
passwd
So the solution was to delete the password then reset new password.
Hope this helps.
I originally posted here Getting an "Authentication token manipulation" error when trying to change my user password but google shows this result first so, I re-posted.
1
Use pam-auth-update to ensure that Kerberos is not used as one of pam authentication options - if so, passwd leads to Authentication token manipulation error
– GOST
Apr 9 '16 at 7:44
add a comment |
I'm not sure how it happened. A sudo user created my account then deleted it then created it again.
Here is what I found
mount -o remount,rw /
passwd
passwd: Authentication token manipulation error
No change.
sudo pwck
Showed no errors.
sudo grpck
Showed no errors.
ls -l /etc/passwd /etc/group /etc/shadow /etc/shadow-
-rw-r--r-- 1 root root 767 May 7 16:45 /etc/group
-rw-r--r-- 1 root root 1380 May 7 16:45 /etc/passwd
-rw-r----- 1 root shadow 1025 May 8 09:11 /etc/shadow
-rw------- 1 root root 1025 May 7 16:46 /etc/shadow-
Looks normal.
sudo cat /etc/shadow |grep oracle
oracle:$6$FsPqyplr$DrIvjFDSx0ipHmECMw1AU5hTrbNMnnkGRdFlaQcM.p3Rdu2OLjY20tzUTW61HlFH16cal56rKlLuW4j2mK9D.:15833:0:99999:7:::
Showed user and encrypted password.
sudo cat /etc/shadow- |grep oracle
Showed nothing. Not sure what that means but doesn't look right.
sudo passwd -d oracle
passwd
So the solution was to delete the password then reset new password.
Hope this helps.
I originally posted here Getting an "Authentication token manipulation" error when trying to change my user password but google shows this result first so, I re-posted.
I'm not sure how it happened. A sudo user created my account then deleted it then created it again.
Here is what I found
mount -o remount,rw /
passwd
passwd: Authentication token manipulation error
No change.
sudo pwck
Showed no errors.
sudo grpck
Showed no errors.
ls -l /etc/passwd /etc/group /etc/shadow /etc/shadow-
-rw-r--r-- 1 root root 767 May 7 16:45 /etc/group
-rw-r--r-- 1 root root 1380 May 7 16:45 /etc/passwd
-rw-r----- 1 root shadow 1025 May 8 09:11 /etc/shadow
-rw------- 1 root root 1025 May 7 16:46 /etc/shadow-
Looks normal.
sudo cat /etc/shadow |grep oracle
oracle:$6$FsPqyplr$DrIvjFDSx0ipHmECMw1AU5hTrbNMnnkGRdFlaQcM.p3Rdu2OLjY20tzUTW61HlFH16cal56rKlLuW4j2mK9D.:15833:0:99999:7:::
Showed user and encrypted password.
sudo cat /etc/shadow- |grep oracle
Showed nothing. Not sure what that means but doesn't look right.
sudo passwd -d oracle
passwd
So the solution was to delete the password then reset new password.
Hope this helps.
I originally posted here Getting an "Authentication token manipulation" error when trying to change my user password but google shows this result first so, I re-posted.
edited Apr 13 '17 at 12:25
Community♦
1
1
answered May 8 '13 at 16:07
BernardBernard
30134
30134
1
Use pam-auth-update to ensure that Kerberos is not used as one of pam authentication options - if so, passwd leads to Authentication token manipulation error
– GOST
Apr 9 '16 at 7:44
add a comment |
1
Use pam-auth-update to ensure that Kerberos is not used as one of pam authentication options - if so, passwd leads to Authentication token manipulation error
– GOST
Apr 9 '16 at 7:44
1
1
Use pam-auth-update to ensure that Kerberos is not used as one of pam authentication options - if so, passwd leads to Authentication token manipulation error
– GOST
Apr 9 '16 at 7:44
Use pam-auth-update to ensure that Kerberos is not used as one of pam authentication options - if so, passwd leads to Authentication token manipulation error
– GOST
Apr 9 '16 at 7:44
add a comment |
I got this error by changing password with device where date was not set. (ie. it was random after boot)
Basically what happened was that when I changed the password the illegal timestamp got updated to /etc/shadow. After that one could not use that account to login or change its password. Even with root account it was impossible to change that password again.
To fix the account I had to:
- Set the correct date
- Edit sane expiration/last password change dates to
/etc/shadowfile (I used last working shadow file) - Change the password with root-rights to new one.
add a comment |
I got this error by changing password with device where date was not set. (ie. it was random after boot)
Basically what happened was that when I changed the password the illegal timestamp got updated to /etc/shadow. After that one could not use that account to login or change its password. Even with root account it was impossible to change that password again.
To fix the account I had to:
- Set the correct date
- Edit sane expiration/last password change dates to
/etc/shadowfile (I used last working shadow file) - Change the password with root-rights to new one.
add a comment |
I got this error by changing password with device where date was not set. (ie. it was random after boot)
Basically what happened was that when I changed the password the illegal timestamp got updated to /etc/shadow. After that one could not use that account to login or change its password. Even with root account it was impossible to change that password again.
To fix the account I had to:
- Set the correct date
- Edit sane expiration/last password change dates to
/etc/shadowfile (I used last working shadow file) - Change the password with root-rights to new one.
I got this error by changing password with device where date was not set. (ie. it was random after boot)
Basically what happened was that when I changed the password the illegal timestamp got updated to /etc/shadow. After that one could not use that account to login or change its password. Even with root account it was impossible to change that password again.
To fix the account I had to:
- Set the correct date
- Edit sane expiration/last password change dates to
/etc/shadowfile (I used last working shadow file) - Change the password with root-rights to new one.
edited Mar 23 '12 at 13:56
Yi Jiang
93911227
93911227
answered Mar 22 '12 at 8:06
zachezache
5111
5111
add a comment |
add a comment |
This error is coming from PAM (Pluggable Authentication Module) which says the module was unable to obtain the new authentication token (check auth.log for more details about this error).
This is related to your authorization settings found in /etc/pam.d/ directory (such as minimum_uid in common-auth or some other restrictions requisite marks). So please double check that the settings in PAM module are correct.
See: man pam_chauthtok
PAM_AUTHTOK_ERR: A module was unable to obtain the new authentication token.
Sometimes this error may happen when changing password for a user which didn't have the current password set yet and passwd still asks for it, so the workaround is to force the change by adding sudo, e.g.: sudo passwd $USER.
add a comment |
This error is coming from PAM (Pluggable Authentication Module) which says the module was unable to obtain the new authentication token (check auth.log for more details about this error).
This is related to your authorization settings found in /etc/pam.d/ directory (such as minimum_uid in common-auth or some other restrictions requisite marks). So please double check that the settings in PAM module are correct.
See: man pam_chauthtok
PAM_AUTHTOK_ERR: A module was unable to obtain the new authentication token.
Sometimes this error may happen when changing password for a user which didn't have the current password set yet and passwd still asks for it, so the workaround is to force the change by adding sudo, e.g.: sudo passwd $USER.
add a comment |
This error is coming from PAM (Pluggable Authentication Module) which says the module was unable to obtain the new authentication token (check auth.log for more details about this error).
This is related to your authorization settings found in /etc/pam.d/ directory (such as minimum_uid in common-auth or some other restrictions requisite marks). So please double check that the settings in PAM module are correct.
See: man pam_chauthtok
PAM_AUTHTOK_ERR: A module was unable to obtain the new authentication token.
Sometimes this error may happen when changing password for a user which didn't have the current password set yet and passwd still asks for it, so the workaround is to force the change by adding sudo, e.g.: sudo passwd $USER.
This error is coming from PAM (Pluggable Authentication Module) which says the module was unable to obtain the new authentication token (check auth.log for more details about this error).
This is related to your authorization settings found in /etc/pam.d/ directory (such as minimum_uid in common-auth or some other restrictions requisite marks). So please double check that the settings in PAM module are correct.
See: man pam_chauthtok
PAM_AUTHTOK_ERR: A module was unable to obtain the new authentication token.
Sometimes this error may happen when changing password for a user which didn't have the current password set yet and passwd still asks for it, so the workaround is to force the change by adding sudo, e.g.: sudo passwd $USER.
edited Apr 13 '17 at 12:14
Community♦
1
1
answered Jul 18 '16 at 1:04
kenorbkenorb
4,52013954
4,52013954
add a comment |
add a comment |
protected by Community♦ May 13 '12 at 12:36
Thank you for your interest in this question.
Because it has attracted low-quality or spam answers that had to be removed, posting an answer now requires 10 reputation on this site (the association bonus does not count).
Would you like to answer one of these unanswered questions instead?
1
Another possible solution can be found at root can change the password of a user, but the user herself cannot.
– Melebius
Jul 23 '18 at 12:13