Reset lost root password: Difference between revisions
(Removed "If you cannot remember it, go to step 1". See discussion.) |
(Undo revision 792432 by Xgpt (talk) - this page is not about boot loaders, systemd-boot has its own page, see systemd-boot#Keys inside the boot menu) Tag: Undo |
||
| (12 intermediate revisions by 5 users not shown) | |||
| Line 1: | Line 1: | ||
[[Category:System recovery]] | [[Category:System recovery]] | ||
[[Category:Security]] | [[Category:Security]] | ||
[[ja:パスワードリカバリ]] | [[ja:パスワードリカバリ]] | ||
[[pt:Reset lost root password]] | [[pt:Reset lost root password]] | ||
| Line 9: | Line 7: | ||
This guide will show you how to reset a forgotten [[root user|root]] password. Several methods are listed to help you accomplish this. | This guide will show you how to reset a forgotten [[root user|root]] password. Several methods are listed to help you accomplish this. | ||
{{Warning|An attacker could use the methods mentioned below to break into your system. No matter how secure the operating system is or how good passwords are, having physical access amounts to loading an alternate OS and exposing your data, unless you use [[data-at-rest encryption]].}} | {{Warning|An attacker could use some of the methods mentioned below to break into your system. No matter how secure the operating system is or how good passwords are, having physical access amounts to loading an alternate OS and exposing your data, unless you use [[data-at-rest encryption]].}} | ||
== Using | == Using sudo == | ||
If you have installed [[sudo]] and have configured permissions for either the {{ic|wheel}} group or a user whose password you recall, you can change the root password by running {{ic|sudo passwd root}}. | |||
== | == Using the debug shell == | ||
# | # Append {{ic|systemd.debug_shell}} to the [[kernel parameters]]. | ||
# | # This will do a normal boot but start {{ic|debug-shell.service}} which runs a root shell ({{ic|/bin/sh}}) on {{ic|tty9}}. Press {{ic|Ctrl+Alt+F9}} to access it. | ||
# Use the [[passwd]] command to create a new password for the root user. | |||
# | # When done, [[stop]] {{ic|debug-shell.service}}. | ||
== Using bash as init == | == Using bash as init == | ||
| Line 30: | Line 28: | ||
{{Note|Some keyboards may not be loaded properly by the init system with this method and you will not be able to type anything at the bash prompt. If this is the case, you will have to use another method.}} | {{Note|Some keyboards may not be loaded properly by the init system with this method and you will not be able to type anything at the bash prompt. If this is the case, you will have to use another method.}} | ||
== Using a LiveCD == | |||
With a [[USB flash installation medium|LiveCD]] a couple methods are available: change root and use the {{Ic|passwd}} command, or erase the password field entry directly editing the password file. Any Linux capable LiveCD can be used, albeit to change root it must match your installed architecture type. Here we only describe how to reset your password with chroot, since manual editing the password file is significantly more risky. | |||
=== Change root === | |||
# Boot the LiveCD and [[mount]] the root partition of your main system. | |||
# Use the {{ic|passwd --root ''MOUNT_POINT'' ''USER_NAME''}} command to set the new password (you will not be prompted for an old one). | |||
# Unmount the root partition. | |||
# Reboot, and enter your new password. | |||
== See also == | == See also == | ||
* [https://www.howtoforge.com/how-to-reset-a-forgotten-root-password-with-knoppix-p2 How To Reset A Forgotten Root Password With Knoppix] | * [https://www.howtoforge.com/how-to-reset-a-forgotten-root-password-with-knoppix-p2 How To Reset A Forgotten Root Password With Knoppix] | ||
* [https://freedesktop.org/wiki/Software/systemd/Debugging/ Early Debug Shell] | |||
Latest revision as of 01:20, 13 November 2023
This guide will show you how to reset a forgotten root password. Several methods are listed to help you accomplish this.
Warning: An attacker could use some of the methods mentioned below to break into your system. No matter how secure the operating system is or how good passwords are, having physical access amounts to loading an alternate OS and exposing your data, unless you use data-at-rest encryption.
Using sudo
If you have installed sudo and have configured permissions for either the wheel group or a user whose password you recall, you can change the root password by running sudo passwd root.
Using the debug shell
- Append
systemd.debug_shellto the kernel parameters. - This will do a normal boot but start
debug-shell.servicewhich runs a root shell (/bin/sh) ontty9. PressCtrl+Alt+F9to access it. - Use the passwd command to create a new password for the root user.
- When done, stop
debug-shell.service.
Using bash as init
- Append the
init=/bin/bashkernel parameter to your boot loader's boot entry. - Your root file system is mounted as read-only now, so remount it as read/write:
mount -n -o remount,rw /. - Use the passwd command to create a new password for the root user.
- Reboot by typing
reboot -fand do not lose your password again!
Note: Some keyboards may not be loaded properly by the init system with this method and you will not be able to type anything at the bash prompt. If this is the case, you will have to use another method.
Using a LiveCD
With a LiveCD a couple methods are available: change root and use the passwd command, or erase the password field entry directly editing the password file. Any Linux capable LiveCD can be used, albeit to change root it must match your installed architecture type. Here we only describe how to reset your password with chroot, since manual editing the password file is significantly more risky.
Change root
- Boot the LiveCD and mount the root partition of your main system.
- Use the
passwd --root MOUNT_POINT USER_NAMEcommand to set the new password (you will not be prompted for an old one). - Unmount the root partition.
- Reboot, and enter your new password.