Change Root Password in RHEL

Changing the root password on a Red Hat Enterprise Linux server is a critical task that should only be done when absolutely necessary. In this article, we will walk you through the process of changing the root password on a Red Hat Enterprise Linux server. (This process will work on Debian, CentOS, and Rocky flavors of Linux)

The process of changing the root password on a Red Hat Enterprise Linux server is relatively simple. If you are not sure why you need to change the root password or what steps you need to take to change it, please consult with your system administrator before proceeding.

In order to change the root password on a Red Hat Enterprise Linux server, you will need access to the root user credentials.

There are 3 ways to break the boot process on Linux. The first 2 ways are manually entering break commands added to the boot.cfg file. The final way is to use a boot disk and rescue mode.

1. Rd.break – enters emergency mode with no system disk loaded
2. emergency  – similar to rd.break but mounts system disk
3. Rescue – like single user mode, disk mounted, and services started

To change the root password, you must use rdbreak because this process does not mount the system disk; mounting a system disk implements the file system permissions, meaning you cannot change the root password – instead, you will be asked for the root password.

Step 1- Reboot the Server and Break the Linux boot process

To change the Linux root passwd, first, ensure you start with your Linux Server powered off.

• Power on your server and watch the boot process on the screen or via a terminal connection
• At the GRUB2 boot screen, press e to edit boot.cfg

• Add the command rd.break after the boot image .img as per the picture above
• Choose to continue the startup process.
• the rd.break command will break the boot process and you will be dropped back to a shell prompt

Step 2 – Mount the Sysroot volume

What is sysroot? sysroot is the root directory for Red Hat Enterprise Linux systems. This is where you find the system’s configuration files, binaries, and libraries.

Sysroot is a system root directory that contains the files and directories that are necessary for the system to function. Changing your root password is a good way to secure your system

• Mount the system root using the command

 mount -o rw,remount /sysroot/ 

Step 3 – Access Sysroot Shell

• Access the shell by typing

chroot sysroot

Step 3 – Now change the root password

Type passwd to change root password

passwd  

When prompted, enter a new password

Step 4 – Auto-relabel the Sysroot volume

Important: now you have changed the root password, you must relabel the file system so that the files and folders are aware of the new password hashes. Simply type:

touch ./autorelabel

Step 5 – Remount the disks as Read-Only

Now mount disks as read-only

mount -o ro,remount /sysroot

Step 6 – Reboot and monitor the boot progress

Now reboot the server

reboot

Once the server reboots, you will be able to log in with your newly changed root password. It’s a little daunting when doing this for the first time, but after a while, it will become second nature.