Either way I'd investigate the disk and inform the user if I could find who owned it.
Easy enough to do by booting with a live CD and mouting the drive to browse it. You could even edit the /etc/passwd file to not require a password, or do a simple hash insertion in the /etc/shadow to insert a hash of a known password. But I agree that it sounds suspicious. I certainly wouldn't use another person's OS. You don't know if it's been rooted. You can't trust that it's not compromised. The seller should have wiped the drive before selling it. Heck if you have to return your computer for servicing, or return a drive I'd be wanting to wipe my personal information off of it before doing that (or wiping the entire drive if the situation allows it). If the issue is with the boot loader password, again boot with the live CD, mount the drive and edit /etc/grub.conf (or /boot/grub/grub.conf if you prefer not use the symbolic link) and remove the line with the password (or comment it out). If it's a BIOS password issue, removing the CMOS battery long enough should reset the BIOS (but will it reset it to a state that is suitable for that system - don't know...) Who is the seller on eBay? Good to know to stear clear of in the future. Jacques B.
