Resetting a Forgotten Root Password

How to reset the root password and how to prevent someone else from doing it.

By on November 20th, 2006 10:10 GMT
Have you ever forgotten your root password? Everyone knows how important the root password is, and therefore, chances are very slim to actually forget it. However, other scenarios can take place and lead to an unknown root password. Fortunately, there are a few methods available for resetting a root password.

NOTE: You should only try to recover passwords from computers you legally have access to. This document is here only to help and I am not responsible if you use it to break into other people's systems without their approval. The only responsible for that action is YOU!

Method One - The easy way

This method will reset the root password by booting your Linux system into single-user mode and will slightly differ, depending on the boot manager you're using: GRUB or LILO.

Booting in single mode from GRUB:

- Reboot the system and wait for the GRUB screen to appear
- Highlight the kernel version you're currently using (usually the newest version) from the GRUB list
- Press "e" to be taken to the boot commands edit screen, highlight the line which starts with kernel and press "e" again
- Add "single" to the end of the line, so it will look like this:
kernel /vmlinuz-kernel-version ro root=LABEL=/ rhgb quiet single
- Press "Enter" to save the changes
- Press "b" to boot in single user mode.
Your system will begin loading and, at some point, you will be presented with a root bash prompt.
- In the new prompt type passwd and choose a new password for root.
- When done, type reboot to restart the system. After reboot, GRUB will be back to normal so no further modifications are required.

NOTE: If you are asked for the root password before dropping you in a bash prompt in single user mode, you should follow the instructions above and append single init=/bin/bash to the kernel line, not just single.

Booting in single mode from LILO

- Reboot the system and wait for the LILO screen to appear
- When you see the boot: prompt, type linux single to boot into single user mode
- Once the system has booted, you will be dropped into a bash prompt where you will have to type passwd to set a new password for root.
- Type reboot to restart the system and get everything back to normal.

NOTE: If you are asked for the root password before dropping you in a bash prompt in single user mode, you should follow the instructions above and type linux init=/bin/bash instead of linux single.

Method Two - The Hard Way

In case GRUB or LILO are password protected, you will have to boot your system from a live cd Linux distribution such as Knoppix or SLAX and follow these instructions:

- Boot the live cd as normal
- Once logged in, open a terminal and type this as the super-user:

# mkdir /mnt/hd
# mount /dev/hdaX /mnt/hd

(where /dev/hdaX is your Linux system partition with forgotten root password, it could be /dev/hda1 or /dev/sdaX if you have a S-ATA drive).
# chroot /mnt/hd
# passwd


- If, for whatever reason, the chroot command above fails, try:

# cd /mnt/hd/etc
- Open shadow file in your favorite text editor
- Find the root entry which may look like this:
root:$1$oPldWBFd$3rQbA.Fz7KtyF4IAFP0kq1:13472:0:99999:7:::

- Delete the password hash (the bold text)
- After you have edited this entry, it should look like this:
root::13472:0:99999:7:::
- Save the file
- Type:

# cd /
# umount /dev/hdaX

(Where hdaX is the Linux partition with the forgotten root password mounted earlier)

- Reboot and remove the live cd to boot in your regular Linux system.
- Once the boot process is complete, you will be asked for a username: type root and for a password: press ENTER (NO password because you edited the /etc/shadow file).
- At the moment, your root account is passwordless, which is very bad. To quickly set a root password, type:
# passwd

Preventing others from resetting the root password

If other people have physical access to the Linux system, you really should follow these instructions as they slightly increase your system security.

Password protecting Single User mode

- Open /etc/inittab in your favorite text editor
- Add the following line BEFORE the id:X:initdefault: line:
~~:S:wait:/sbin/sulogin

This will require the user to enter the root password before dropping him in the root bash prompt in Single User Mode.

Password Protecting GRUB

Once the GRUB has been password protected, you won't be able to edit the kernel boot options (add single to the kernel line) unless you enter the GRUB password. However, you will be able to select what kernel to boot.

- Open a root terminal
- Type /sbin/grub-md5-crypt and press enter
- Enter the password you want to set for GRUB. The MD5 hash will appear.
- Edit /boot/grub/grub.conf and add the line under the timeout=5:
password --md5 passwordHASH
(Replace passwordHASH with the hash resulted from grub-md5-crypt).
- The password like from your grub.conf will look like this:
timeout=5
password --md5 $1$1OBii1$x78zK/tZB.VMoXzEzcg7x.

- Save the file and exit. Next time you reboot, you will have to press P and enter the password entered in grub-md5-crypt in order to edit the kernel boot options.

Password Protecting LILO

- Open a root terminal
- Edit /etc/lilo.conf in your favorite text editor
- Add the following line before the first image stanza:
password=passwordHERE , where passwordHERE is the password you want to set for LILO.
- Run /sbin/lilo -v to let the changes take effect
- Type chmod 600 /etc/lilo.conf to allow only root to read and edit the file, since the password is in plain text.

Preventing booting from a Linux Live CD

To prevent this from happening, reboot your PC, enter BIOS configuration screen, set the Linux drive as the first boot device and then set a master password for the BIOS itself.

Unfortunately, there is no easy way of preventing someone from removing the hard drive, mount it on another server and edit the /etc files.

7 Comments