How to reset root password in Linux (RHEL,FEDORA) ? What to do if you forgot root password ?


Today I want to give you some very useful tips on what to do if you have forgotten your root password.
ATTENTION: This trick will only work if didn’t  setup GRUB password yet.    (if you did – sucks to be you 🙂 )

Use Case:

You want to install something, change permissions on a file  or  do any other action that actually requires root password , which you don’t remember. I would start to panic, If i where you, but wait, there is some small hack you can do, to get back on track.

In this post I will show you how you can become a root without knowing you root password and reset it. I will also give you tips how to protect yourself from this vulnerability.

Let’s start.

1. Boot in Single User Mode

 a. Reboot your computer
 b. Wait until menu say’s to press any key to the Boot/GRUB menu, press any key

   At this point you should see menu similar to this:

grub-menu-image

c. Point to the OS you forgot your  password from and press “e

 
d.  Go to “kernel” line and add word “single” to the end of kernel string.

e. Press “b” to boot with new option for kernel

   Note: If you did something wrong, you could see “black screen of death” but don’t worry, everything you edit in boot menu is temporary, just reboot and you are good to go again.

c. If you did everything correctly you should see command line interface, where you are logged in as “root”.

How cool is that ?

2. Set SELinux to Permissive

a. If you try to change password right away, in RHEL or Fedora you won’t be able to do it because SELinux by default is enforcing.

  Good thing is that we can easily change SELinux enforcing mode. First lets find out the state of SELinux and if it is Enforcing, lets change it to Permissive. Type this in your command line:


$ getenforce

Enforcing

$ setenforce 0

Permissive

4. Change Root Password


$passwd

new password: ******

You will see that all tokens are updated.  Type ‘reboot’, and after you reboot, you will have your NEW root password. (write it down!) 🙂

But what if someone else would want to change my password in the same way ?

This is very legit question, and it was my first thought when I found out this easy way to change root password. How to protect yourself ? The answer is to put password on Boot menu.

How to lock GRUB/Boot menu ? ( I will show it on GRUB, however GRUB2 works similarly)

Here are a couple of simple steps how to set password on your GRUB:

 1. Open Terminal and login as root:


$ su -

Enter your root password.

2. Now type:

$ grub-md5-crypt

3. Enter password you want your grub (this can be different from your root password)  and click enter you will get md5 encoded string.

Let’s say your  md5 string is:


$1$sdlfksdlfksdlf/

4. Now use your text editor to go to grub.conf file, I use VI:

vi  /boot/grub/grub.conf

after “hidemenu” line enter:

password –md5 < paste here your encrypted md5 string>

(in my case it would be: password –md5 $1$sdlfksdlfksdlf/ )

5. Save the file.

6. To check if it works, try logging to Single User Mode, you will set instead of “e” to edit kernels string, you will need to enter password first.

That’s it for today!

Regards,

Anatoly

Advertisements

About Anatoly Spektor

My name is Anatoly Spektor (originally Anatolijs Spektors) I am Software and Web Developer. I have worked in Seneca Center for Development of Open Technology on Big Blue Button Add-on - Polling Module, Red Hat and some other places :) I am an author of the book 'Eclipse Debugging How To', Muay Thai fighter and amateur photographer ;)
This entry was posted in Fedora, open-source, Programming Languages, Red Hat, RHEL and tagged , , , , . Bookmark the permalink.

8 Responses to How to reset root password in Linux (RHEL,FEDORA) ? What to do if you forgot root password ?

  1. Chris says:

    Wonderful! Even at my advanced age, never thought it would happen that I’d forget my root password but yesterday morning I did. Took me several attempts to edit as couldn’t see what I typed. Then everything worked exactly as you specified. You’ve made an old man very happy!

  2. I seldom comment, but I browsed some remarks on How to reset
    root password in Linux (RHEL,FEDORA) ? What to do iff you forgot root password ?

    | My Programming Blog. I actually do have a couple of questions for you if
    it’s okay. Could it be only me or does it
    give the impression like a few of these comments appear like they are left by
    brain dead folks? 😛 And, if you are posting at other online sites, I’d
    like to follow everything fresh you have to post.
    Could you post a list of all of all your social community
    pags like your Facebook page, twitter feed,or linkedin profile?

  3. certainly like your web-site but you need to check the
    spelking on quite a few of your posts. Several of them are rife with
    spelling problems and I to find it very bothersome to tell
    the reality nevertheless I will surely come again again.

  4. I enjoy what you guys tend to be up too. This kind of clever work annd reporting!

    Keep up the wonderful works guys I’ve iincluded you guys
    to blogroll.

  5. I’m really enjoying the theme/design off your weblog.
    Do you ever run into any internet browser compatibility issues?
    A couple of my blog audience have complained about my site not working correctly in Explorer
    but looks great in Opera. Do you have any recommendations to
    help fix this problem?

  6. Hey there! Your websites are running slow , this kind of took sort of a moment in order to load, I actually do not know whether or not it’s just simply me or your website but facebook performed fine for me.
    Anyways, I want to thank you so much for putting fantastic post.
    I believe it really has already been honestly useful to user who actually click here.

    I personally should mention that you have done
    fantastic work with this and hope to discover many more brilliant stuff from you.
    Right after viewing your articles, I’ve book-marked your site.

  7. Dankzij Whatsapp Hacker 2013 kon ik mijn dochter in de gaten houden.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s