Providing default root password /etc/shadow

I am new to lede and trying to use openwrt for a fun project. The target board is rpi-b+ and it works as expected. However, there is no default password on the openwrt and have to set it up after booting the device. I know lede has the /etc/passwd and /etc/shadow file in the base-files package.
It would be great if someone can suggest me the way to update these two file to provide a default root password built into the firmware.

Thanks in advance,

First set the password is a live router, then copy /etc/passwd and /etc/shadow from the router to your build environment and include them in the firmware build as custom files.

1 Like

Thank you for your reply,
But it is not working always. I flashed the binaries 4 times, non of them had the password I provided. Also the sha256 sum is different after running -
make packages/base-files/{clean,compile} V=99
The compared files are {lede-buildroot}/build_dir/linux-bcm**/base-files**/etc/{shadow, passwd} and {lede-buildroot}/files/etc{shadow,passwd}

Am I doing something wrong?
Thanks again.

"Custom files" from {lede-buildroot}/files are not part of base-files package, but they are just inserted into the rootfs file system after all packages, including base-files, have been installed during the final make step. You need to make the whole firmware image, not just base-files. And then look at the root file system, not the contents of base-files (which only contains the "normal" default files).

E.g. in my ipq806x R7800, the custom files are in

So, your {lede-buildroot}/build_dir/target**/linux-bcm**/base-files**/etc/{shadow, passwd} looks wrong. The correct place would be something like {lede-buildroot}/build_dir/target**/root-bcm**/etc/{shadow, passwd}
(Note, I corrected your path above to include the missing target that you had skipped.)

For more detailed info, see include/ from line 58 onward:;a=blob;f=include/;hb=HEAD#l58

Thank you. It worked after performing a full build.

The link was very useful.


Is it possible to put it under {openwrt-buildroot}/files/etc/passwd? Do the files need any special permissions?

Yes, that will work. root ownership is set by the build process, so do not chown on it. chmod to match whatever is default or your preference.


Thanks Jeff, got it working. Just for the record, the defaults are 600 for /etc/shadow and 664 for /etc/passwd

1 Like

As well as copying the image /etc/passwd and /etc/shadow into files/etc/
I added files/etc/login.defs with ENCRYPT_METHOD MD5
and I use the following script to create a passwd:


if [ $# -ne 1 ]
  echo "Usage: $0 <password>"
  exit 1
passwd=$(openssl passwd -1 ${ps1})
awk 'BEGIN {FS=":"; OFS=":";}  {if ($0 ~ /^root/) {print $1,"'$passwd'",$3,$4,$5,$6,"::";} else {print $0;}}' < files/etc/shadow > myshadow
mv myshadow files/etc/shadow

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.