Sfdwhf

Can we "borrow" our answers to populate our own websites?

How would you say "I like to go bowling" and other suru verbs?

How does one write from a minority culture? A question on cultural references

Does Skippy chunky peanut butter contain trans fat?

How can the probability of a fumble decrease linearly with more dice?

Cat is tipping over bed-side lamps during the night

Bash script to truncate subject line of incoming email

Changing the laptop's CPU. Should I reinstall Linux?

Does the ditching switch allow an A320 to float indefinitely?

Could an Apollo mission be possible if Moon would be Earth like?

Why do all the books in Game of Thrones library have their covers facing the back of the shelf?

Sprint is 2 week and 40-stories

In Linux what happens if 1000 files in a directory are moved to another location while another 300 files were added to the source directory?

The effect of fishing on total land area needed to feed an island settlement

Why is Agricola named as such?

microtype error with lualatex: "attempt to call field warning a nil value"

Can the "Friends" spell be used without making the target hostile?

Why did Luke use his left hand to shoot?

Existence of Riemann surface, holomorphic maps

Why does magnet wire need to be insulated?

Has any human ever had the choice to leave Earth permanently?

Count repetitions of an array

Can polar coordinate cause misalignment in TikZ?

Is there any risk in sharing info about technologies and products we use with a supplier?

Authentication token manipulation error

Cannot bypass the password?I want to change my administrator password but am receiving an error“manipulation token authentication error”password help pleaseI cant login in Ubuntu Server after passwd commandTrying to change administrator passwordGetting an “Authentication token manipulation” error when trying to change my user passwordremounting as read/write — will I lose my data?How to login into Ubuntu after an upgrade to 12.04?root can change the password of a user, but the user herself cannotUbuntu 16.04, pbis, authentication token manipulation problempassword help please“Authentication Manipulation Error” when trying to reset my passwordHow to Enter into Recovery mode?Password reset will not let me typeforgot password for another one user account created in my system, how to solve it?I am not getting the root prompt in recovery modeAdmin password resetForgotten Password -cant changeI have tried grub booting to reset my password but it won't work, did I do something wrong?Ubuntu 16.04, pbis, authentication token manipulation problem

133

41

I forgot my Ubuntu password so I booted into recovery and dropped into a root shell prompt and this is what happened:

root@username-PC:~# passwd username

Enter new UNIX password:

Retype new UNIX password:

passwd: Authentication token manipulation error

passwd: password unchanged

password-recovery

share|improve this question

edited Dec 15 '13 at 14:21

Braiam

52.1k20136222

asked Dec 29 '11 at 5:22

era878era878

1,00921319

• 
  
  
  

  
  1
  

  
  
  
  
  
  

  
  
  Another possible solution can be found at root can change the password of a user, but the user herself cannot.
  
  – Melebius
  Jul 23 '18 at 12:13
  

  
  
  
  

add a comment | 

133

41

I forgot my Ubuntu password so I booted into recovery and dropped into a root shell prompt and this is what happened:

root@username-PC:~# passwd username

Enter new UNIX password:

Retype new UNIX password:

passwd: Authentication token manipulation error

passwd: password unchanged

password-recovery

share|improve this question

edited Dec 15 '13 at 14:21

Braiam

52.1k20136222

asked Dec 29 '11 at 5:22

era878era878

1,00921319

• 
  
  
  

  
  1
  

  
  
  
  
  
  

  
  
  Another possible solution can be found at root can change the password of a user, but the user herself cannot.
  
  – Melebius
  Jul 23 '18 at 12:13
  

  
  
  
  

add a comment | 

I forgot my Ubuntu password so I booted into recovery and dropped into a root shell prompt and this is what happened:

root@username-PC:~# passwd username

Enter new UNIX password:

Retype new UNIX password:

passwd: Authentication token manipulation error

passwd: password unchanged

password-recovery

share|improve this question

edited Dec 15 '13 at 14:21

Braiam

52.1k20136222

asked Dec 29 '11 at 5:22

era878era878

1,00921319

root@username-PC:~# passwd username

Enter new UNIX password:

Retype new UNIX password:

passwd: Authentication token manipulation error

passwd: password unchanged

share|improve this question

edited Dec 15 '13 at 14:21

Braiam

52.1k20136222

asked Dec 29 '11 at 5:22

era878era878

1,00921319

share|improve this question

edited Dec 15 '13 at 14:21

Braiam

52.1k20136222

asked Dec 29 '11 at 5:22

era878era878

1,00921319

edited Dec 15 '13 at 14:21

Braiam

52.1k20136222

edited Dec 15 '13 at 14:21

Braiam

52.1k20136222

asked Dec 29 '11 at 5:22

era878era878

1,00921319

asked Dec 29 '11 at 5:22

era878era878

1,00921319

4 Answers
4

active

oldest

votes

181

Also make sure you are mounting the file system read/write.

After immediately selecting 'Drop into root shell prompt' I found the filesystem was mounted read only, which prevents resetting the password.

Choosing the option to remount / as read/write and going back into the root shell prompt enabled the password change.

The command to run prior to changing the password is: mount -rw -o remount /

share|improve this answer

edited Apr 29 '12 at 14:39

Community♦

1

answered Jan 3 '12 at 23:29

BrandonBrandon

1,8261102

• 
  
  
  

  
  1
  

  
  
  
  
  
  

  
  
  even after following these steps it will not accept my password
  
  – angela
  Aug 14 '14 at 15:09
  

  
  
  
  


• 
  
  
  

  
  2
  

  
  
  
  
  
  

  
  
  Odd. mount showed that / was already mounted as read/write, but mount -rw -o remount / still worked. No idea why.
  
  – Hubro
  Dec 2 '15 at 9:11
  

  
  
  
  


• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  i am simply one of those idiots who did not read the stdout and forgot to put in the "(current) Unix password" but the password that I want it to be :(
  
  – B.Mr.W.
  Aug 1 '16 at 16:27
  
  
  

  
  
  
  


• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  +1 - Obvious but not assumed. TY! Also, Ubuntu would be smart to mention this when dropping into root shell when using 'recovery' option.. along with a warning about root rw usage..
  
  – bshea
  Apr 4 '17 at 15:40
  

  
  
  
  

add a comment | 

13

I'm not sure how it happened. A sudo user created my account then deleted it then created it again.

Here is what I found

mount -o remount,rw /

passwd

passwd: Authentication token manipulation error

No change.

sudo pwck

Showed no errors.

sudo grpck

Showed no errors.

ls -l /etc/passwd /etc/group /etc/shadow /etc/shadow-

-rw-r--r-- 1 root root    767 May  7 16:45 /etc/group

-rw-r--r-- 1 root root   1380 May  7 16:45 /etc/passwd

-rw-r----- 1 root shadow 1025 May  8 09:11 /etc/shadow

-rw------- 1 root root   1025 May  7 16:46 /etc/shadow-

Looks normal.

sudo cat /etc/shadow |grep oracle

oracle:$6$FsPqyplr$DrIvjFDSx0ipHmECMw1AU5hTrbNMnnkGRdFlaQcM.p3Rdu2OLjY20tzUTW61HlFH16cal56rKlLuW4j2mK9D.:15833:0:99999:7:::

Showed user and encrypted password.

sudo cat /etc/shadow- |grep oracle

Showed nothing. Not sure what that means but doesn't look right.

sudo passwd -d oracle

passwd

So the solution was to delete the password then reset new password.

Hope this helps.

I originally posted here Getting an "Authentication token manipulation" error when trying to change my user password but google shows this result first so, I re-posted.

share|improve this answer

edited Apr 13 '17 at 12:25

Community♦

1

answered May 8 '13 at 16:07

BernardBernard

30134

• 
  
  
  

  
  1
  

  
  
  
  
  
  

  
  
  Use pam-auth-update to ensure that Kerberos is not used as one of pam authentication options - if so, passwd leads to Authentication token manipulation error
  
  – GOST
  Apr 9 '16 at 7:44
  

  
  
  
  

add a comment | 

5

I got this error by changing password with device where date was not set. (ie. it was random after boot)

Basically what happened was that when I changed the password the illegal timestamp got updated to /etc/shadow. After that one could not use that account to login or change its password. Even with root account it was impossible to change that password again.

To fix the account I had to:

1. Set the correct date


2. Edit sane expiration/last password change dates to /etc/shadow file (I used last working shadow file)


3. Change the password with root-rights to new one.

share|improve this answer

edited Mar 23 '12 at 13:56

Yi Jiang

93911227

answered Mar 22 '12 at 8:06

zachezache

5111

add a comment | 

4

This error is coming from PAM (Pluggable Authentication Module) which says the module was unable to obtain the new authentication token (check auth.log for more details about this error).

This is related to your authorization settings found in /etc/pam.d/ directory (such as minimum_uid in common-auth or some other restrictions requisite marks). So please double check that the settings in PAM module are correct.

See: man pam_chauthtok

PAM_AUTHTOK_ERR: A module was unable to obtain the new authentication token.

---

Sometimes this error may happen when changing password for a user which didn't have the current password set yet and passwd still asks for it, so the workaround is to force the change by adding sudo, e.g.: sudo passwd $USER.

share|improve this answer

edited Apr 13 '17 at 12:14

Community♦

1

answered Jul 18 '16 at 1:04

kenorbkenorb

4,52013954

add a comment | 

protected by Community♦ May 13 '12 at 12:36

Thank you for your interest in this question.
Because it has attracted low-quality or spam answers that had to be removed, posting an answer now requires 10 reputation on this site (the association bonus does not count).



Would you like to answer one of these unanswered questions instead?

181

Also make sure you are mounting the file system read/write.

After immediately selecting 'Drop into root shell prompt' I found the filesystem was mounted read only, which prevents resetting the password.

Choosing the option to remount / as read/write and going back into the root shell prompt enabled the password change.

The command to run prior to changing the password is: mount -rw -o remount /

share|improve this answer

edited Apr 29 '12 at 14:39

Community♦

1

answered Jan 3 '12 at 23:29

BrandonBrandon

1,8261102

• 
  
  
  

  
  1
  

  
  
  
  
  
  

  
  
  even after following these steps it will not accept my password
  
  – angela
  Aug 14 '14 at 15:09
  

  
  
  
  


• 
  
  
  

  
  2
  

  
  
  
  
  
  

  
  
  Odd. mount showed that / was already mounted as read/write, but mount -rw -o remount / still worked. No idea why.
  
  – Hubro
  Dec 2 '15 at 9:11
  

  
  
  
  


• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  i am simply one of those idiots who did not read the stdout and forgot to put in the "(current) Unix password" but the password that I want it to be :(
  
  – B.Mr.W.
  Aug 1 '16 at 16:27
  
  
  

  
  
  
  


• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  +1 - Obvious but not assumed. TY! Also, Ubuntu would be smart to mention this when dropping into root shell when using 'recovery' option.. along with a warning about root rw usage..
  
  – bshea
  Apr 4 '17 at 15:40
  

  
  
  
  

add a comment | 

181

Also make sure you are mounting the file system read/write.

After immediately selecting 'Drop into root shell prompt' I found the filesystem was mounted read only, which prevents resetting the password.

Choosing the option to remount / as read/write and going back into the root shell prompt enabled the password change.

The command to run prior to changing the password is: mount -rw -o remount /

share|improve this answer

edited Apr 29 '12 at 14:39

Community♦

1

answered Jan 3 '12 at 23:29

BrandonBrandon

1,8261102

• 
  
  
  

  
  1
  

  
  
  
  
  
  

  
  
  even after following these steps it will not accept my password
  
  – angela
  Aug 14 '14 at 15:09
  

  
  
  
  


• 
  
  
  

  
  2
  

  
  
  
  
  
  

  
  
  Odd. mount showed that / was already mounted as read/write, but mount -rw -o remount / still worked. No idea why.
  
  – Hubro
  Dec 2 '15 at 9:11
  

  
  
  
  


• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  i am simply one of those idiots who did not read the stdout and forgot to put in the "(current) Unix password" but the password that I want it to be :(
  
  – B.Mr.W.
  Aug 1 '16 at 16:27
  
  
  

  
  
  
  


• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  +1 - Obvious but not assumed. TY! Also, Ubuntu would be smart to mention this when dropping into root shell when using 'recovery' option.. along with a warning about root rw usage..
  
  – bshea
  Apr 4 '17 at 15:40
  

  
  
  
  

add a comment | 

Also make sure you are mounting the file system read/write.

After immediately selecting 'Drop into root shell prompt' I found the filesystem was mounted read only, which prevents resetting the password.

Choosing the option to remount / as read/write and going back into the root shell prompt enabled the password change.

The command to run prior to changing the password is: mount -rw -o remount /

share|improve this answer

edited Apr 29 '12 at 14:39

Community♦

1

answered Jan 3 '12 at 23:29

BrandonBrandon

1,8261102

share|improve this answer

edited Apr 29 '12 at 14:39

Community♦

1

answered Jan 3 '12 at 23:29

BrandonBrandon

1,8261102

edited Apr 29 '12 at 14:39

Community♦

1

edited Apr 29 '12 at 14:39

Community♦

1

answered Jan 3 '12 at 23:29

BrandonBrandon

1,8261102

answered Jan 3 '12 at 23:29

BrandonBrandon

1,8261102

13

I'm not sure how it happened. A sudo user created my account then deleted it then created it again.

Here is what I found

mount -o remount,rw /

passwd

passwd: Authentication token manipulation error

No change.

sudo pwck

Showed no errors.

sudo grpck

Showed no errors.

ls -l /etc/passwd /etc/group /etc/shadow /etc/shadow-

-rw-r--r-- 1 root root    767 May  7 16:45 /etc/group

-rw-r--r-- 1 root root   1380 May  7 16:45 /etc/passwd

-rw-r----- 1 root shadow 1025 May  8 09:11 /etc/shadow

-rw------- 1 root root   1025 May  7 16:46 /etc/shadow-

Looks normal.

sudo cat /etc/shadow |grep oracle

oracle:$6$FsPqyplr$DrIvjFDSx0ipHmECMw1AU5hTrbNMnnkGRdFlaQcM.p3Rdu2OLjY20tzUTW61HlFH16cal56rKlLuW4j2mK9D.:15833:0:99999:7:::

Showed user and encrypted password.

sudo cat /etc/shadow- |grep oracle

Showed nothing. Not sure what that means but doesn't look right.

sudo passwd -d oracle

passwd

So the solution was to delete the password then reset new password.

Hope this helps.

I originally posted here Getting an "Authentication token manipulation" error when trying to change my user password but google shows this result first so, I re-posted.

share|improve this answer

edited Apr 13 '17 at 12:25

Community♦

1

answered May 8 '13 at 16:07

BernardBernard

30134

• 
  
  
  

  
  1
  

  
  
  
  
  
  

  
  
  Use pam-auth-update to ensure that Kerberos is not used as one of pam authentication options - if so, passwd leads to Authentication token manipulation error
  
  – GOST
  Apr 9 '16 at 7:44
  

  
  
  
  

add a comment | 

13

I'm not sure how it happened. A sudo user created my account then deleted it then created it again.

Here is what I found

mount -o remount,rw /

passwd

passwd: Authentication token manipulation error

No change.

sudo pwck

Showed no errors.

sudo grpck

Showed no errors.

ls -l /etc/passwd /etc/group /etc/shadow /etc/shadow-

-rw-r--r-- 1 root root    767 May  7 16:45 /etc/group

-rw-r--r-- 1 root root   1380 May  7 16:45 /etc/passwd

-rw-r----- 1 root shadow 1025 May  8 09:11 /etc/shadow

-rw------- 1 root root   1025 May  7 16:46 /etc/shadow-

Looks normal.

sudo cat /etc/shadow |grep oracle

oracle:$6$FsPqyplr$DrIvjFDSx0ipHmECMw1AU5hTrbNMnnkGRdFlaQcM.p3Rdu2OLjY20tzUTW61HlFH16cal56rKlLuW4j2mK9D.:15833:0:99999:7:::

Showed user and encrypted password.

sudo cat /etc/shadow- |grep oracle

Showed nothing. Not sure what that means but doesn't look right.

sudo passwd -d oracle

passwd

So the solution was to delete the password then reset new password.

Hope this helps.

I originally posted here Getting an "Authentication token manipulation" error when trying to change my user password but google shows this result first so, I re-posted.

share|improve this answer

edited Apr 13 '17 at 12:25

Community♦

1

answered May 8 '13 at 16:07

BernardBernard

30134

• 
  
  
  

  
  1
  

  
  
  
  
  
  

  
  
  Use pam-auth-update to ensure that Kerberos is not used as one of pam authentication options - if so, passwd leads to Authentication token manipulation error
  
  – GOST
  Apr 9 '16 at 7:44
  

  
  
  
  

add a comment | 

I'm not sure how it happened. A sudo user created my account then deleted it then created it again.

Here is what I found

mount -o remount,rw /

passwd

passwd: Authentication token manipulation error

No change.

sudo pwck

Showed no errors.

sudo grpck

Showed no errors.

ls -l /etc/passwd /etc/group /etc/shadow /etc/shadow-

-rw-r--r-- 1 root root    767 May  7 16:45 /etc/group

-rw-r--r-- 1 root root   1380 May  7 16:45 /etc/passwd

-rw-r----- 1 root shadow 1025 May  8 09:11 /etc/shadow

-rw------- 1 root root   1025 May  7 16:46 /etc/shadow-

Looks normal.

sudo cat /etc/shadow |grep oracle

oracle:$6$FsPqyplr$DrIvjFDSx0ipHmECMw1AU5hTrbNMnnkGRdFlaQcM.p3Rdu2OLjY20tzUTW61HlFH16cal56rKlLuW4j2mK9D.:15833:0:99999:7:::

Showed user and encrypted password.

sudo cat /etc/shadow- |grep oracle

Showed nothing. Not sure what that means but doesn't look right.

sudo passwd -d oracle

passwd

So the solution was to delete the password then reset new password.

Hope this helps.

I originally posted here Getting an "Authentication token manipulation" error when trying to change my user password but google shows this result first so, I re-posted.

share|improve this answer

edited Apr 13 '17 at 12:25

Community♦

1

answered May 8 '13 at 16:07

BernardBernard

30134

mount -o remount,rw /

passwd

passwd: Authentication token manipulation error

sudo pwck

sudo grpck

ls -l /etc/passwd /etc/group /etc/shadow /etc/shadow-

-rw-r--r-- 1 root root    767 May  7 16:45 /etc/group

-rw-r--r-- 1 root root   1380 May  7 16:45 /etc/passwd

-rw-r----- 1 root shadow 1025 May  8 09:11 /etc/shadow

-rw------- 1 root root   1025 May  7 16:46 /etc/shadow-

sudo cat /etc/shadow |grep oracle

oracle:$6$FsPqyplr$DrIvjFDSx0ipHmECMw1AU5hTrbNMnnkGRdFlaQcM.p3Rdu2OLjY20tzUTW61HlFH16cal56rKlLuW4j2mK9D.:15833:0:99999:7:::

sudo cat /etc/shadow- |grep oracle

sudo passwd -d oracle

passwd

share|improve this answer

edited Apr 13 '17 at 12:25

Community♦

1

answered May 8 '13 at 16:07

BernardBernard

30134

edited Apr 13 '17 at 12:25

Community♦

1

edited Apr 13 '17 at 12:25

Community♦

1

answered May 8 '13 at 16:07

BernardBernard

30134

answered May 8 '13 at 16:07

BernardBernard

30134

5

I got this error by changing password with device where date was not set. (ie. it was random after boot)

Basically what happened was that when I changed the password the illegal timestamp got updated to /etc/shadow. After that one could not use that account to login or change its password. Even with root account it was impossible to change that password again.

To fix the account I had to:

1. Set the correct date


2. Edit sane expiration/last password change dates to /etc/shadow file (I used last working shadow file)


3. Change the password with root-rights to new one.

share|improve this answer

edited Mar 23 '12 at 13:56

Yi Jiang

93911227

answered Mar 22 '12 at 8:06

zachezache

5111

add a comment | 

5

I got this error by changing password with device where date was not set. (ie. it was random after boot)

Basically what happened was that when I changed the password the illegal timestamp got updated to /etc/shadow. After that one could not use that account to login or change its password. Even with root account it was impossible to change that password again.

To fix the account I had to:

1. Set the correct date


2. Edit sane expiration/last password change dates to /etc/shadow file (I used last working shadow file)


3. Change the password with root-rights to new one.

share|improve this answer

edited Mar 23 '12 at 13:56

Yi Jiang

93911227

answered Mar 22 '12 at 8:06

zachezache

5111

add a comment | 

I got this error by changing password with device where date was not set. (ie. it was random after boot)

Basically what happened was that when I changed the password the illegal timestamp got updated to /etc/shadow. After that one could not use that account to login or change its password. Even with root account it was impossible to change that password again.

To fix the account I had to:

1. Set the correct date


2. Edit sane expiration/last password change dates to /etc/shadow file (I used last working shadow file)


3. Change the password with root-rights to new one.

share|improve this answer

edited Mar 23 '12 at 13:56

Yi Jiang

93911227

answered Mar 22 '12 at 8:06

zachezache

5111

share|improve this answer

edited Mar 23 '12 at 13:56

Yi Jiang

93911227

answered Mar 22 '12 at 8:06

zachezache

5111

edited Mar 23 '12 at 13:56

Yi Jiang

93911227

edited Mar 23 '12 at 13:56

Yi Jiang

93911227

answered Mar 22 '12 at 8:06

zachezache

5111

answered Mar 22 '12 at 8:06

zachezache

5111

4

This error is coming from PAM (Pluggable Authentication Module) which says the module was unable to obtain the new authentication token (check auth.log for more details about this error).

This is related to your authorization settings found in /etc/pam.d/ directory (such as minimum_uid in common-auth or some other restrictions requisite marks). So please double check that the settings in PAM module are correct.

See: man pam_chauthtok

PAM_AUTHTOK_ERR: A module was unable to obtain the new authentication token.

---

Sometimes this error may happen when changing password for a user which didn't have the current password set yet and passwd still asks for it, so the workaround is to force the change by adding sudo, e.g.: sudo passwd $USER.

share|improve this answer

edited Apr 13 '17 at 12:14

Community♦

1

answered Jul 18 '16 at 1:04

kenorbkenorb

4,52013954

add a comment | 

4

This error is coming from PAM (Pluggable Authentication Module) which says the module was unable to obtain the new authentication token (check auth.log for more details about this error).

This is related to your authorization settings found in /etc/pam.d/ directory (such as minimum_uid in common-auth or some other restrictions requisite marks). So please double check that the settings in PAM module are correct.

See: man pam_chauthtok

PAM_AUTHTOK_ERR: A module was unable to obtain the new authentication token.

---

Sometimes this error may happen when changing password for a user which didn't have the current password set yet and passwd still asks for it, so the workaround is to force the change by adding sudo, e.g.: sudo passwd $USER.

share|improve this answer

edited Apr 13 '17 at 12:14

Community♦

1

answered Jul 18 '16 at 1:04

kenorbkenorb

4,52013954

add a comment | 

This error is coming from PAM (Pluggable Authentication Module) which says the module was unable to obtain the new authentication token (check auth.log for more details about this error).

This is related to your authorization settings found in /etc/pam.d/ directory (such as minimum_uid in common-auth or some other restrictions requisite marks). So please double check that the settings in PAM module are correct.

See: man pam_chauthtok

PAM_AUTHTOK_ERR: A module was unable to obtain the new authentication token.

---

Sometimes this error may happen when changing password for a user which didn't have the current password set yet and passwd still asks for it, so the workaround is to force the change by adding sudo, e.g.: sudo passwd $USER.

share|improve this answer

edited Apr 13 '17 at 12:14

Community♦

1

answered Jul 18 '16 at 1:04

kenorbkenorb

4,52013954

share|improve this answer

edited Apr 13 '17 at 12:14

Community♦

1

answered Jul 18 '16 at 1:04

kenorbkenorb

4,52013954

edited Apr 13 '17 at 12:14

Community♦

1

edited Apr 13 '17 at 12:14

Community♦

1

answered Jul 18 '16 at 1:04

kenorbkenorb

4,52013954

answered Jul 18 '16 at 1:04

kenorbkenorb

4,52013954