I administer a LOT of Linux systems. Most of those systems information are in a file I keep that tells me what their passwords are. I normally either do not forget a root password or do not lose the paperwork for a Linux system. But I have been in situations where a new client had no idea what their Linux root password was. In those instances I had to change the root password. Problem is, if you don’t know the root password, how are you going to change it? You need to know a method of password recovery for the Linux operating system.
There is a way to do this. It will work with most systems that use a root password. Of course if we’re talking about a lost boot password, you’re out of luck…this won’t help you recover that. What this method does is reboot your machine into what is called “single user mode”. Single user mode is also referred to as maintenance mode and is runlevel 1.
Reboot the Machine
The first thing you need to do is reboot the machine in question. The next step will vary, depending upon your distribution. What you need to do is to get to the screen that allows you to select which kernel to boot. Some systems (such as Fedora 10) require you to hit the escape key before the kernel boots. Some systems require a Ctrl-x key combination. Some systems require you to hit the “e” key. With Fedora 10 the sequence is this: After your bios posts you will hit the escape key to open up the Grub boot menu. In that menu select the kernel you are going to boot and hit the “a” key (for “append”). What you will see is the kernel boot command for your machine. What you need to do is append single to the end of that command (make sure there is a space before single) and hit the enter key.
Your machine will now start the single user boot process. You will see some processes list as “fail”. Do not worry about this. Eventually you will find yourself at a root prompt. At this point all you need to do is enter the command passwd and then type the new password for the root user when prompted.
Once you have entered the new root password reboot the machine by issuing the reboot command. When the machine reboots you will have recovered the root password. Congratulations!
Related posts:
Auto mounting a Samba share in LinuxSet your hostname in Linux
Shorten Linux Boot Time with Services
Starting services at boot in Linux
Check for root kits with rkhunter
Install Linux on a USB drive with UNetbootin
Understanding Linux /etc/fstab
Learning Linux: Log Files
13 Responses to “How To Reset the Root Password in Linux”
Trackbacks/Pingbacks
-
[...] Posted by jazzyjeph on February 26, 2009 Although Linux is known for its security amongst other things it seems to be frighteningly easy to reset the Root password thereby giving you complete access to ALL the files of ANY user on the system, this seems like a major oversight that should have been locked down a long time ago or perhaps i’m missing something if anybody can enlighten me. I realise you could remove the Shutdown/Restart options from a desktop or BIOS lock a computer but surely there must be another way, at least in Windows you have to reboot with a LIVE CD to reset the Administrator password.Please feel free to share any ideas on this subject.It was the excellent gHacks website that reminded me of this, you can read more here How To Reset the Root Password in Linux [...]
-
[...] How to reboot single user mode By mantikore http://www.ghacks.net/2009/02/25/how-to-reset-the-root-password-in-linux/ [...]
What is the IP address of the machine with your master password file? :)
Seriously, though, in what format do you save that password file? Is a password-protected .ods document considered enough?
Dotan: fortunately this file is actually a hard copy, in a notebook, in my office. ;-) so you’d have to have access to my office and then know where the piece of paper is. ;-)
Dotan: in all seriousness…if i had to store a file like that on a PC most likely i would use gpg to encrypt the file with a key not shared out to anyone.
I’ve missed Final Thoughts :D
I tried this on a SUSE Linux Enterprise 9 Server. Upon bootup to Single-User mode (Run Level 3), the system prompted me for the root password. After so many failed attempts it changes the runlevel to reboot (Run Level 6).
Different results but the info will probably come in handy on Fedora or another system someday so it is useful info anyway, thanks!
I’m surprised that this actually works on some distributions. I know that on Ubuntu, and I think Debian, too, the root password is required just before entering the root shell in single-user mode.
I tested on Kubuntu Intrepid Ibex, and it works here! That is far too easy, for me it’s a real security issue. I always thought one would have to boot a Knoppix CD and update the /etc/passwd file manually to change the root password….
@computer_freak_8: really, I didn’t need the old password here on kubuntu!
note: it does only work, if you didn’t specify a root password before (the normal case on ubuntu). Else it asks for the root-password when entering singe-user mode.
On (k)ubuntu systems, I would recommend to set a very secure root-password instead of leaving it blank, or to completely disable (lock) the root account by typing:
sudo passwd -l root
But like I already said, with a Knoppix CD, you can change the root-password of every linux. If the BIOS is password-protected, unplug the PC and remove the battery on the motherboard ;)
@Raoul:
A-ha! That makes sense, then, since I always specify a root password once I setup a system.
If there’s no password, there’s nothing to enter!
Thanks for the information; it is good to know.
So, this resets the root password, but keeps all other data unchanged?
Wow, seems like a major security flaw to me and I thought Linux was secure. But I suppose it is the difference between preventing people doing something stupid to their system with root access, and preventing people accessing your sensitive data and messing up your box with root access.
I am guessing there is no way to access this login via SSH or remotely, so you atleast need access to the machine?