Tech Junkie Blog - Real World Tutorials, Happy Coding!: Linux Administration: Reset Lost Root Password

Monday, January 17, 2022

Linux Administration: Reset Lost Root Password

 There are times when you need to change the root password, it could be that you are trying to prevent a malicious former employee or that you yourself have forgotten the password.  Well you don't have to rebuild the system.  That would be an option and a costly one at that.  What you could do instead is to reset the root password on the existing install.

Here are the steps to reset the root password on your Linux system:

1. Boot up your Linux system normally when you get the boot menu press esc to stop the countdown, then press e to edit the boot file.



2. Go to the line where you see rhgb and quiet then remove the options from the line









3. Replace the options with rd.break and enforcing=0 the option tells Linux to break at the ram disk break point in the boot process and the if you are using SELinux to enforce it, be mindful that the \ is not part of the command, it's a line break symbol in the boot configuartion file.





4. Press Ctrl+x to continue with the boot process, as you can see you are now stopped at the switch_root:/# prompt which will give you the opportunity to switch to the root's filesystem













5.The first thing we have to do is remount the root filesystem because it's currently set read only.  We want to set it to read and write so that we can reset the root password., if you want to clear the screen type Ctrl+l
6. You accomplish this by typing mount -o remount,rw sysroot
7. Now we want to set a false root call chroot and point it to the root filesystem with the command chroot /sysroot

8. So with the /sysroot filesystem remounted with read and write permission and  chroot as the false root we can now run the passwd command and change the password like we normally would






9. Now it's very important that we set everything back to normal, so type exit to get out and type 

mount -o remoumt,ro /sysroot

to set the root filesystem back to read only, type exit to continue with the boot process

10. Depending on weather you have SELinux enabled or not, your experience will might be different.  If you don't have have it enable you will have it enabled then you will be taken to the login screen and your machine will operate the way that it should with the new root password. But regardless of your experience you should revert boot file configuration back to the way it is by doing the reverse of 2 and 3

11. Before we even do that we want to reinforce security if you have it enabled before by typing the following commands

restorecon /etc/shadow

setenforce 1





No comments:

Post a Comment

Search This Blog