HOW-TO: Reset a Forgotten Root Password

It can happen to me.. to you.. or to one of your clients, where a machine will have to be worked on but the root password is somehow lost or forgotten. Pretty basic you might think, but you might be faced with this hurdle sooner than you think.

With the number of hosts to administer, the burgeoning problem of recalling passwords escalate. Discipline would entail putting passwords in a vault. But then again, human error factors in and this quick step was skipped. There are a number of different reasons to point to, but when faced with this scenario, what can one do?

Traditional wisdom will beckon you to reboot and go to the single-user mode. Let us discuss first how this is done.

In LILO, pass the parameter "single":

LILO: linux single


In GRUB, at the boot screen select the kernel and press "e" (to edit the entry) and select the second line containing the word kernel. Press "e" again to edit the line and append "single" to that line:
grub edit> kernel /boot/vmlinuz-x.x.x-x root=/dev/sda1 ro single


On many flavors of linux, the system will happily present you with a root shell to do your thing and change the root password. However, not all will happily oblige and still ask for the root password:
Give the root password for maintenance
(or type Control-D for normal startup):


When this happens, it is again back to square one. However, all is not lost. You may try to use a live CD (the steps to which we will discuss in another post). Assuming the host does not have an optical drive, try the procedure below.

A word of WARNING before proceeding. If you want to experiment on this, try it out on a development box or a virtual machine first. As a rule of thumb, when working on a production machine, have another pair of eyes on board.

Try passing the parameter "init=/bin/bash" instead of "single". What then does this do? It instructs the linux kernel to execute the shell bash (/bin/bash) instead of executing init. It does not give you much to work on as there services/daemons executed during startup were not executed, but it does give you a shell where the password can be reset.
LILO: linux init=/bin/bash

.. likewise, in grub:
grub edit> kernel /boot/vmlinuz-x.x.x-x root=/dev/sda1 ro init=/bin/bash


So if you have noticed, you get a root shell right out of boot-up. Unfortunately that is not yet enough to change the root password, as the filesystem is mounted read-only. Remedy this situation first.
# mount -o remount,rw /


Executing the above command will remount the root partition (/) read-write. We can now proceed in changing the root password. Now is the time to for proper discipline to kick in and note the new password in the vault.

Once done with the above, DO NOT REBOOT just yet. There are no safeguards in place to properly take the system down and the root partition was mounted read-write. Return it to its original state when it booted up -- a read only root partition.
# mount -o remount,ro /


Now the system can be rebooted or the reset button pressed.

You might also be interested in:

Feedback

We at pimp-my-rig strive to keep on improving, help us reach that goal by leaving comments or constructive criticisms. Don't miss out on our next feature -- subscribe via RSS (What is RSS?).

Share This

0 comments: