ARTICLE

HOWTO: Recover root password
Contributed by B. Johnson in Security on 2006-02-18 17:16:43
A common problem faced by new users ( and sometimes even experienced users ) is not knowing what to do when they lose their password. Even worse, when they lose the password for 'root'. Luckily, there are several solutions to help you recover access to your system.

Root Password - Easy Method:

The simplest way to recover from a lost password is to boot into single user mode.

If you are using LILO, at the LILO boot prompt (graphical LILO users can press Ctrl-x to exit the graphical screen and go to the boot: prompt), enter:

Code:

linux single


This will make you the "root" user without asking for a password. Once the system has booted, you can change the root password using the password command:

Code:

passwd

The instructions for GRUB users are similar. Press 'e' at the GRUB prompt to select boot parameters. Select the line for the kernel you want to boot, and go to the end of it. Add "single" as a separate word, and then press ENTER to exit the edit mode. Once back at the GRUB screen, press "b" to boot into single user mode.



Root Password - Not As Easy Method:

If for whatever reason, the above solution doesn't work for you, there is another option. Boot using a so called "Live CD" Linux distribution, such as Knoppix. For the purposes of this example, it will be assumed that the user is using Knoppix.
After booting up from the Knoppix CD, go to a terminal and su to root (no password is required). After your priviledges have been escalated, issue the following commands (be sure to replace each /hda1 with your own root ('/') partition):

Code:

mount -o dev,rw /mnt/hda1          cd /mnt/hda1/etc


Once you are into your system /etc directory, you can use a text-editor (such as vim, nano, pico, etc.) to edit the /etc/shadow file where the password is stored. Various information about root and user accounts is kept in this plain-text file, but we are only concerned with the password portion.

For example, the /etc/shadow entry for the "root" account may look something like this:

Code:

root:$1$aB7mx0Licb$CTbs2RQrfPHkz5Vna0.fnz8H68tB.:/
10852:0:99999:7:::

 (The '/' indicates a line continuation)

Now, using your favorite editor (I'll use vim) delete the password hash (the green text).

Code:

vim shadow


After you've edited this field, it should look like this:

Code:

root::10852:0:99999:7:::


Now save the file and change back to the root directory and unmount the system root partition (don't forget to change the /hda1) as follows:

Code:

cd / umount /mnt/hda1


Now reboot the computer.

Once the computer has booted and you're at the login prompt, type "root" and when asked for the password just press ENTER (entering no password). After a successful login, you need to set the new password for root using the following command:

Code:

passwd




Forgotten or Lost "User" Password:

If a regular user forgets his/her password, the root user can easily reset the user's password. For this example, the username will be "bob".

Enter (as root):

Code:

passwd bob


This will prompt for a new password for the user "bob".


 
Discussion(s)
One more thing...
Written by Robin on 2006-03-11 21:05:09
This isn't the only way to change the root password on a system.

This way kind of mixes both of the methods described on this page:

You can boot using a LiveCD, then via a root terminal, you can chroot into your system after mounting it:

[code]
sudo su
mkdir /mnt/hd
mount /dev/hda2 -t ext3 /mnt/hd
chroot /mnt/hd
passwd
[/code]
Once you've filled in your password, it's done. Your root password is changed.
Discuss! Reply!

Maybe I'm missing something, but
Written by Monovitae on 2006-04-20 23:38:53
If these procedures work as explained dosen't it pose a significant security risk via anyone that has physical access to a machine?
Discuss! Reply!

...
Written by hexa on 2006-11-30 08:36:33
Quote:
If these procedures work as explained dosen't it pose a significant security risk via anyone that has physical access to a machine?




yes ;)
why do u think colocations have a strict policy on personal access? :P
Discuss! Reply!

Hence the point of local security?
Written by Brad on 2006-12-19 02:07:50
The first rule of system security is always to lock the thing up in the tightest place possible. Big locks, laser guns, and robots rolling around smashing people that are trying to get close. Oh yeah...

Quote:
If these procedures work as explained dosen't it pose a significant security risk via anyone that has physical access to a machine?
Discuss! Reply!

Re: Maybe I'm missing something, but
Written by Earnie on 2006-04-24 07:25:29
You haven't missed anything which is why you keep your servers under lock and key. You simply can't allow every Tom, Dick or Harry to have access to the system. Having access to the physical system is a security risk regardless of the OS or use of the equipment. CUID and passwords are at best only minimal advantage to the risk of security. CUID and passwords do not prevent anyone from accessing the data stored on the disk. If you have highly sensitive data that you do not want to be easily read you need to crypt it with something like openssl. People can still read the data but it minimizes the number of people to the ones with the know how in encryption technology.
Discuss! Reply!

root password
Written by m.h.haque on 2007-02-13 12:26:06
Quote:
You haven't missed anything which is why you keep your servers under lock and key. You simply can't allow every Tom, Dick or Harry to have access to the system. Having access to the physical system is a security risk regardless of the OS or use of the equipment. CUID and passwords are at best only minimal advantage to the risk of security. CUID and passwords do not prevent anyone from accessing the data stored on the disk. If you have highly sensitive data that you do not want to be easily read you need to crypt it with something like openssl. People can still read the data but it minimizes the number of people to the ones with the know how in encryption technology.
Discuss! Reply!

Here's another..
Written by Gagan on 2006-07-22 14:15:33
This works for most of Red-Hat and Fedora Core Systems, if you have GRUB as your Bootloader.!

At startup just edit the line, where it's written Fedora Core or Linux and pass Quote:
init 0


you will be automatically booted as root without even password confirmation and then you can reset the password using Quote:
passwd
Discuss! Reply!

it
Written by helion on 2006-08-17 09:56:30
the parameter to be passed is: init 1
Discuss! Reply!

recovering the redhat linux pass
Written by helion on 2006-08-17 09:54:40
the parameters to pass after the line starting with rh** in the grub menu is: init 1
Discuss! Reply!

RE:Recover root password
Written by jack on 2007-04-29 03:44:59
open this link and know how to recover root pass

http://linuxera.com/content/view/191/2/

jack
Discuss! Reply!

reset admin password for xp pro
Written by mark on 2007-06-23 13:31:01
does anyone know of a linux based program that would reset a admin password on windows xp pro i heard that there is one but can't seem to find it.

thanks
Discuss! Reply!

Written by on 2007-07-06 02:58:35
You can try Austrumi linux:

<a href="http://cyti.latgola.lv/ruuni/index_en.html">
http://cyti.latgola.lv/ruuni/index_en.html</a>

I remember using an old version to reset the Administrator password on a Windows 2000 machine; I don't know if it works with XP too.
Discuss! Reply!

I think you need version 1.4.0
Written by ted jordan on 2007-07-09 17:27:59
Yes, an older version of Austrumi Linux would remove admin passwords. It did work in XP. I'm not sure why they got rid of this feature.

If it's not 1.4, try 1.3, but it's definitely in one of the older versions

ted


Quote:
You can try Austrumi linux:

<a href="http://cyti.latgola.lv/ruuni/index_en.html">
http://cyti.latgola.lv/ruuni/index_en.html</a>

I remember using an old version to reset the Administrator password on a Windows 2000 machine; I don't know if it works with XP too.
Discuss! Reply!

Ultimate Boot CD (for windows)
Written by MidnighToker on 2007-10-20 18:33:47
Quote:
does anyone know of a linux based program that would reset a admin password on windows xp pro i heard that there is one but can't seem to find it.

thanks



www.ubcd4win.com">www.UBCD4Win.com is the Ultimate Boot CD for windows. It has an option for resetting windows passwords and some other nice utils too.
Discuss! Reply!

root password
Written by javed on 2007-08-29 00:29:15
I hav try this method
but don't work in grub screen as it asks for paaword ie.it ask to press p to unlock .I am using redhat 2.4
Discuss! Reply!

break to password
Written by harshil on 2008-02-06 02:27:06
DEAR SIR

HOW I CAN GET RECOVER GRUB PASSWORD
Discuss! Reply!