How to Reset Lost Root Password on Linux

by · Published · Updated

Sometimes, a lost root password reset is needed; perhaps a system administrator has left your place of work and not documented the root password, or you have experienced an error in the operating system error that has halted the system in read-only mode.

To change a password on Linux, like a user account, you’d typically use the Operating System through the passwd command (sudo passwd).

Nevertheless, the scenario differs when dealing with the root account, as a significant portion of the file system is mounted via root processes.

Guide to Reset Lost Root Password

Note: This guide assumes you have physical or virtual access to the server or access to the virtual console

Step 1 – Switch Off Server

  • Make sure your Linux server is powered off before initiating the password reset process.

Step 2 – Switch on the Server

  • Turn on your server and be prepared to interrupt the boot process.

Step 3 – Break the Boot Process

  • At the GRUB2 boot scree, press e to edit boot.cfg
  • Add the command rd.break after the boot image .img as per the picture above
  • Choose to continue the startup process.

The rd.break command interrupts the boot process, providing you with a shell prompt.

Note: where you add rd.break to interrupt the boot process, make sure to place it after the ro (read-only) parameter. This ensures that the root filesystem is initially mounted as read-only before breaking, reducing the risk of unintended changes.

Step 4 – Mount the Filesystem and Access the Shell

  • Mount the system root using the command

Bash
 mount -o rw,remount /sysroot/
  • Access the shell by typing
Bash
chroot /sysroot

Step 5 – Change the Root Password

Now type passwd to change the root password

Bash
passwd

Enter a secure password when prompted

Step 6 – Relabel the Root Filesystem and Reboot

Important: now you have changed the root password, you must relabel the filesystem so that the files and folders are aware of the new password hashes. Simply type:

Bash
touch ./autorelabel

Now mount disks as read-only

Bash
mount -o ro,remount /sysroot

Then reboot

Bash
systemctl reboot
Example of the reboot process

Step 7 – Verify Successful Relabeling

Verify Successful Relabeling

After rebooting, verify that the filesystem relabeling process was successful. You can check the progress by running:

Bash
restorecon -v / -R

This command displays the changes made to the file contexts. Ensure there are no errors.

Step 8 – Post Recovery Checks

Post-Recovery Checks

After logging in with the new root password, perform post-recovery checks. Verify system logs, check the integrity of critical files, and ensure that essential services are running.

Once the server reboots, you can log in using the newly changed root password. Although it might seem daunting initially, with practice, this process will become more familiar.

Further Reading

The Linux boot process explained

Root is a special user account, and it’s important for system administrators to learn how to reset the root password. It is important to know how a Linux Operating System boots. This tutorial focuses on the GRUB2 bootloader and the startup sequence completed by Systemd.

The Linux boot process is quite simple, you power on your PC or Server, then:

  • The system loads BIOS or UEFI
    • BIOS – basic input/output system
    • UEFI – unified extensible firmware interface
  • Next Loads GRUB2 (Grand Unified Bootloader version 2)
  • Kernel starts
  • Systemd starts

To change the root password, you have to break the boot process at the GRUB2 stage.

How to break the Linux boot process

There are 3 ways to break the boot process on Linux. The first 2 ways are manually entered break commands added to the boot.cfg file. The final way is using a boot disk and using rescue mode.

  1. Rd.break – enters emergency mode with no system disk loaded
  2. emergency  – similar to rd.break but mounts system disk
  3. Rescue – like single user mode, disk mounted, and services started

To change the root password, you must use rdbreak because this process doesn’t mount the system disk. Mounting a system disk implements file system permissions. Consequently, you cannot change the root password; instead, you’ll be prompted for the root password.

What to learn more important Linux Procedures? Check out our popular tech quickies.

Post Views: 631
Elsewhere On TurboGeek:  Best Linux One Liners

Tags:

Richard.Bailey

Richard Bailey, a seasoned tech enthusiast, combines a passion for innovation with a knack for simplifying complex concepts. With over a decade in the industry, he's pioneered transformative solutions, blending creativity with technical prowess. An avid writer, Richard's articles resonate with readers, offering insightful perspectives that bridge the gap between technology and everyday life. His commitment to excellence and tireless pursuit of knowledge continues to inspire and shape the tech landscape.

You may also like...

6 Responses

  1. Grep and RegEx examples - TurboGeek
    07/11/2022

    […] Part 4 – How to change the root password on Red Hat […]

  2. How to Configure NTP of Red Hat Linux - TurboGeek
    20/03/2023

    […] Part 4 – How to change the root password on Red Hat […]

  3. Managing Users & Groups in RedHat - TurboGeek
    24/03/2023

    […] Part 4 – How to change the root password on Red Hat […]

  4. Understanding Red Hat Permissions - TurboGeek
    21/08/2023

    […] Part 4 – How to change the root password on Red Hat […]

  5. How to manipulate files in RedHat - TurboGeek
    21/08/2023

    […] Part 4 – How to change the root password on Red Hat […]

  6. How to use Red Hat (RHEL8) as a VM host - TurboGeek
    16/10/2023

    […] Part 4 – How to change the root password on Red Hat […]

Leave a Reply

Your email address will not be published. Required fields are marked *

Translate ยป