I know this not a really good topic. Since it will give a chance for those hackers or those who might have stolen someone's WB and try to make it their own by getting into SSH.
Well, this is intended for those who are honest and really messed up their password like myself. I decided to give my defacto password a change to a super long alorgith pass from GRC. You can obtain you very own personal password from them through here https://www.grc.com/passwords.htm.
So I logged into root as usual and change my password and did a copy and paste off the website.
I did it real fast but made a huge mistake to actually make a file to store the password first. This way you can make sure you are copying the right password. Save the file and now open the file and copy the password and now change the password.
Exit SSH and relog in to root with new password.
Well, I thought I got that the first time (of course without store the password first).
So I input the password and got the "access is denied"
I tried everything I can and can't seem to get in. Wasted 3 hours of research and finally found a way to get in.
To get back into root after a failed password:
1. Make sure you have a user made in WB interface. Meaning at http://<mybook ip>. This should bring up the wb webinterace. Make sure you know the password for admin on this. If not, I guess you can reset it by using a paperclip in the back of the mybook and log in with default admin / 123456. I don't know if this will wipe out all the user info, haven't confirm. If so, just create a new one. Make sure this user have admin status.
2. log in SSH (in my case, I use putty)
3. Use the user and password that is created in the WB interface.
4. You should be able to log in that looks something like this
[<myuser>@<mybook> / ]
5. now type:
6. You should be in root now and looks something like this.
[root@<mybook> ~ ] <--— Looks fimilar eh?
7. now type:
change to new password, make sure you have this password update to your file or use the GRC password.
If it is true to what I type above, then you stolen mybook is doomed for any hackers or thiefs. You can get into ssh with root no matter what.
Bright side is, you don't have to really worry about forgetting your password (honest mistake). There is always a life line to get you back into your mybook property to do more hacking. =P
So with this knowledge, I don't know if it's a good thing or bad. But I guess it depends who is using the info perhaps.