The root account is the most privileged account on a Unix system. The root account has no security restrictions imposed upon it (Hmm…there are some exceptions though). When you are logged in as the superuser, the system does not ask you any questions. It is therefore easy, with a mistyped command, to wipe out crucial system files or even the whole system all of a sudden.
I have had situations where I forgot my root password and was unable to do any administrative-level tasks. With the growing number of cloud services, users are forced to manage a large number of passwords, and it is very common to forget some of them, which may include the system’s own root password. What can we do in those situations? Either we recover the previous root password or we reset it to a new one. The former is explained in one of my earlier posts (https://openforums.wordpress.com/2013/01/18/recover-linux-userroot-passwords-with-backtrack-live-cd/).
Now we shall look at how to reset root or user passwords. Basically this can be done either with the help of a bootable live CD or through GRUB. I will explain both in this article.
Modifying kernel boot parameters via GRUB
In Unix-like systems, init is the first process to be run, and the ultimate ancestor of all processes ever run. It is responsible for running all the init scripts. What happens if I tell the kernel not to start the system's default init and instead to run a shell directly as init? This is how we do it.
[1] Select the appropriate boot entry in the GRUB menu and press e to edit the line.
[2] Select the kernel line (an example is shown below) and append init=/bin/bash at the end of the line, i.e., we just need to specify the root partition and the init entry point.
Older kernel line: linux16 /vmlinuz-4.1.7-200.fc22.x86_64 root=/dev/mapper/fedora_dhcp--0--156-root ro rd.lvm.lv=fedora_dhcp-0-156/swap vconsole.font=latarcyrheb-sun16 rd.lvm.lv=fedora_dhcp-0-156/root rhgb quiet LANG=en_US.UTF-8
Modified kernel line: linux16 /vmlinuz-4.1.7-200.fc22.x86_64 root=/dev/mapper/fedora_dhcp--0--156-root rw init=/bin/bash
Note:- Make sure that you replace ro with rw, because your ultimate goal is to reset the password, and for that the partition must not be read-only.
[3] Press Ctrl+x to boot. (In previous versions of GRUB you may need to press b to boot the kernel.)
[4] Your root file system is now mounted in read-write mode. Verify that you are root by checking the output of the whoami command.
[5] Reset the password for any user by issuing passwd <username/root> command.
[6] Reboot and do not lose your password again!
This is not a foolproof method, but it works almost all the time. If you encounter any issues, please follow the alternate method.
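Since the procedure above works for anyone who can edit the GRUB entry at the console, it is useful to be able to tell how a machine was booted. The following is an added example, not part of the original article: a shell function (check_cmdline and the list of shell names are this example's own choices) that parses a kernel command line, by default /proc/cmdline, and reports an init= override and the root mount mode. The two sample lines are the arguments from the kernel lines shown in step [2].

```sh
#!/bin/sh
# Added example, not from the original article.
# check_cmdline [CMDLINE]
#   Prints: init=<value|default> root_mode=<ro|rw|unset> verdict=<ok|shell-init>
#   Exit status 1 when init= points at a shell, 0 otherwise.
# The body runs in a subshell so "set -f" and the variables stay local.
check_cmdline() (
    # With no argument, inspect the command line of the running kernel.
    cmdline=${1-$(cat /proc/cmdline)}
    init=default
    mode=unset
    set -f                               # no glob expansion while word-splitting
    for tok in $cmdline; do
        case $tok in
            --) break ;;                 # what follows "--" is passed to init
            init=*) init=${tok#init=} ;; # keep the last init= seen
            ro|rw) mode=$tok ;;          # keep the last ro/rw seen
        esac
    done
    verdict=ok
    # Compare the basename of the init program against common shells
    # (this list is an assumption of the example, extend as needed).
    case ${init##*/} in
        sh|bash|dash|ash|zsh|ksh) verdict=shell-init ;;
    esac
    printf 'init=%s root_mode=%s verdict=%s\n' "$init" "$mode" "$verdict"
    [ "$verdict" = ok ]
)

# Sample input: arguments of the original and modified kernel lines above.
ORIGINAL='root=/dev/mapper/fedora_dhcp--0--156-root ro rd.lvm.lv=fedora_dhcp-0-156/swap vconsole.font=latarcyrheb-sun16 rd.lvm.lv=fedora_dhcp-0-156/root rhgb quiet LANG=en_US.UTF-8'
MODIFIED='root=/dev/mapper/fedora_dhcp--0--156-root rw init=/bin/bash'

for line in "$ORIGINAL" "$MODIFIED"; do
    check_cmdline "$line" || echo '  -> booted straight into a shell as init'
done
```

Run with no argument on a live system, the function reads /proc/cmdline, so it can be called from a login script or a monitoring job to flag a boot that bypassed the normal init.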
chroot to existing root env via LiveCD
chroot is an operating system call that changes the root directory of the calling process, and of the processes it starts, to a new directory. Typically, the operating system’s conception of the root directory is the actual root located at ‘/’. However, with chroot, you can specify another directory to serve as the top-level directory for the duration of a chroot. Follow the steps listed below to set up the chroot jail.
[1] Boot the LiveCD and open up a shell and become root.
# sudo -i
[2] Identify the root partition using fdisk -l. Unless you have a separate partition for /home, the root partition will be the one without the boot flag and with type Linux.
[3] Mount the root partition to /mnt.
# mount /dev/sdaX /mnt
Note:- In case your root partition is encrypted with LUKS, refer to http://askubuntu.com/questions/63594/mount-encrypted-volumes-from-command-line for how to decrypt and mount LUKS-encrypted LVM volumes.
[4] Set up the chroot environment by executing the following commands:
# mount -t proc proc /mnt/proc
# mount -t sysfs sys /mnt/sys
# mount -o bind /dev /mnt/dev
[5] Change the root environment to the mounted filesystem.
# chroot /mnt /bin/bash
[6] Now you are inside your installed Linux root environment. Run the passwd <username/root> command to reset the password.
[7] When you are done, unmount the root partition, press Ctrl+D to exit the chroot jail, and reboot.