For operations activity, there is an inconvenient task to reset the lost or forgotten password for users. It becomes more cumbersome, if the task is to reset root password for the linux server running a critical application. This blogs shares some simple steps to follow to recover password using Single User Mode from Linux GRUB.
As the root is user account with access to all commands and files on a Linux server. There might be a situation that due to user access failure, the server would become unusable. In such situations of total lockout, we can use Single User Mode from Linux GRUB to fix the user access due to bad password issues.
This blog outlines the steps to reset root passwords in various Linux distributions such as Almalinux, Rockylinux, CentOS, Ubuntu and PhotonOS.
Log in to GRUB
This is the common step for any linux operating system to log in to the GRUB
- Log in to the server via Console option of the server and access the boot menu.
- Once the GRUB boot prompt shows up for the VM, perform the required action to enter the GRUB prompt.
- From the GRUB boot prompt, press the
"e"
button to edit the first boot option.
Once we have reached into theSingle User Mode from Linux GRUB, we can proceed to prepare and reset the password for the root user or any required user.
Centos7 and AlmaLinux8
✍️ NOTE: We have used AlmaLinux8 for the use case, but the steps equally apply for Centos8, RockyLinux8 and RHEL8
- Find the kernel line starting with
linux*
and add"rd.break"
at the end of that line. - Press
CTRL+X
to save the changes and boot the server into single-user mode. - Remount root partition in RW mode. Type
#mount -o remount rw /sysroot
and then hit ENTER. - Now type
#chroot /sysroot
and hit ENTER. This will change the user scope into thesysroot (/)
directory. - Now we can change the password for root user using the
passwd
command. - We have to also make sure that SELinux allows the file changes. At the prompt ,need to enter:
#touch /.autorelabel
. - Type
exit
to leave the chroot environment and enterreboot
.
Ubuntu 20.04
In some of the servers, the GRUB menu might not display by default. In such case, we can login to the server with "sudo"
access and verify the grub configuration at "/etc/default/grub"
. We may observe that the GRUB_TIMEOUT_STYLE=hidden
and/or GRUB_TIMEOUT=0
. These settings, hide the GRUB Menu by default. To enable, we can change the GRUB configuration as below.
And then we can update the GRUB configurations with #sudo update-grub
. Once we reboot, we can view the GRUB menu and can press "e"
key for ubuntu server option to enterSingle User Mode from Linux GRUB.
- In the GRUB menu, find the kernel line starting with linux
/boot/
and addinit=/bin/bash
at the end of the line or if we have the statement ending with"ro"
, then need to change it to"rw"
and appendinit=/bin/bash
at the end of the line. - Once done, we can proceed with the boot process with
"F10"
or"CTRL - X"
. - At the next command prompt, we can proceed to run the password reset with
#passwd
command for root user or any other required user. - Once done, we can proceed to perform force reboot for the server with
#reboot -f
.
PhotonOS
- Once in theSingle User Mode from Linux GRUB, we can locate the statement starting with
"Linux*"
. - To the
Linux*
statement, we append the following –rw init=/bin/bash
. - Once done, we can proceed with the boot process with
"F10"
or"CTRL - X"
. - At the next command prompt, we can proceed to run the password reset with
#passwd
command for root user or any other required user. - Next step, we can unmount the Root partition with
#umount /
. - Once done, we can proceed to perform force reboot for the server with
#reboot -f
.
Wrapping Things Up
With the above steps, we have successfully reset the password for the root user and the operations team can proceed to connect or run the maintenance tasks for the linux server.