Recover Boot Password

por | 11 julio, 2006

Reset Root Password – Step 1

To solve the “lost root password” problem is to boot your computer from your Linux Installation CD, or from a live-CD such as Knoppix.

Using Knoppix, boot the live-CD then go to a terminal and su to root (no password is required) then issue the following commands (be sure to replace each /hda1 with your own root partition device):

Code:
mount -o dev,rw /mnt/hda1
   
cd /mnt/hda1/etc

Once you are into your system /etc directory, you can use a text editor (vim, nano, pico, etc.) to edit the /etc/shadow file where the password is stored. Various information about root and user accounts is kept in this plain-text file but we are only concerned with the password portion.

For example, the /etc/shadow entry for the “root” account may look something like this:

root:$1$aB7mx0Licb$CTbs2RQrfPHkz5Vna0.fnz8H68tB.:10852:0:99999:7:::

Now, using your favorite editor (I’ll use vim) delete the password hash. For this example, the actual password is in green text and is all those characters between the 1st and 2nd colons.

Code:
vim shadow

After you’ve edited this field, it should look like this:

Code:
root::10852:0:99999:7:::

Now save the file and change back to the root directory and unmount the system root partition (don’t forget to change the /hda1) as follows:

Code:
cd /
umount /mnt/hda1

Now reboot the computer.

Once the computer has booted and you’re at the login prompt, type “root” and when asked for the password just press ENTER (entering no password). After a successful login, you need to set the new password for root using the following command:

Code:
passwd

=============================================================

Note that I’ve tested both the above methods on my machines but keep in mind that neither of them will work on every machine. It’s also important to know that there are several other ways of recovering/resetting the root password.

Hopefully, this HowTo will serve as a good reminder of the old saying that “anyone having physical access to a machine owns that machine”.

Please feel free to post any additions and/or corrections and I’ll be happy to add them to the HowTo.

Reset Root Password – Method 2

Probably the simplest way to solve a forgotten root password problem is to boot your system in the single-user mode.

If you are using LILO, at the LILO boot prompt (graphical LILO users can press Ctrl-x to exit the graphical screen and go to the boot: prompt), and then enter:

Code:
linux single

This will make you the “root” user without asking for a password. Once the system has booted, you can change the root password using the password command:

Code:
passwd

GRUB users will follow basically the same steps, except that the GRUB boot loader doesn’t have a default boot prompt, but you can choose “e” when the menu displays to edit the boot parameters. Just select the kernel line for the kernel you want to boot. Go to the end of that line and type “single” as a separate word, then press ENTER to exit the edit mode. Once back at the GRUB screen, press “b” to boot into single user mode.