How to reset our forgotten root password on our Linux system

botond published March 2020, 10, Thu - 08:13 time

Content

 

Introductory

It is not common to log in as root, so we do not use its password for a long time. We may forget and the sudo command is not available. If this happens, let's look at two ways to recover your forgotten root password on Debian and Ubuntu.

 

 

Recover a forgotten root password using the GRUB menu

To reset the forgotten root password, you must first log in to GRUB menu. To do this, you need to start / restart the computer. In this example today, I have two VirtualBox on a machine I will present the steps of this operation in parallel.

System restart / reboot

Boot the machine and wait for GRUB to start. For Ubuntu systems, if the GRUB menu does not appear automatically, press and hold the left button at the beginning of the boot process. Shift key. So for me, the GRUB menus for Debian 10 (Buster) and Ubuntu 20.04 LTS (Focal Fossa) look like this:

Booting Virtual Machines - Debian 10 (Buster) and Ubuntu 20.04 LTS (Focal Fossa) - Booting GRUB Menus

In the beginning, until the windows fit side by side on the table, I will show the first few steps together.

Start the root console

On Debian, select "Advanced settings for Debian GNU / Linux" and on Ubuntu, select "Advanced options for Ubuntu". This is where the special options for both systems come in:

GRUB menu - Advanced settings on Debian and Ubuntu

If you have more than one operating system, of course, select the appropriate system on which you want to reset the root password.

Then press the e key, the GRUB parameters will appear:

Open GRUB parameters

Here, scroll down to the bottom of the text box where you will find the Linux kernel loader:

GRUB parameters - Find the Linux kernel load section

Here you have to change that ro (read only) rw (read / write), that is, to mount the root filesystem in writable mode, and to start the Bash-him.

Let's be prepared here that in this state many parts of the system are not loaded yet, such as the keyboard layout, so if we use a Hungarian keyboard layout, it will now work with an English layout. Accordingly, for example, the "=" sign is found in place of the letter "oh", etc ...

 

 

So use the cursor to navigate to the part at the end of the line and rewrite it as follows:

On Debian

About this:

ro quiet

to:

rw quiet init=/bin/bash

On Ubuntu

About this:

ro maybe-ubiquity

to:

rw maybe-ubiquity init=/bin/bash

Finally, it should look something like this:

GRUB parameters - Modify the Linux kernel load section

Of course, for other versions of GRUB / Debian / Ubuntu, there may be other options, but the point is to fix ro to rw and add the "init = / bin / bash" section to the end of the line.

To start the configuration, press F10 key, you will get a root console:

Debian

Debian root console

Ubuntu

In the case of Ubuntu, it loads a little more, and finally we get a root prompt here:

Ubuntu root console

Change root password

 

 

Finally, change the root password, enter a new password. Run the following command on both systems:

passwd root

Then enter any new password and repeat.

Debian

Changing the root password on Debian

Ubuntu

Change root password on Ubuntu

That's it, let's start the system now with the following command:

exec /sbin/init

Login with root

We then get the usual access part. In this example, I will show the login with the minimal servers in text mode, but we can also use the root user in graphical desktops:

Debian root login

Ubuntu root login

From now on, we can use our root user properly with the new password.

 

Recover a forgotten root password using GParted Live

 

 

If there is no GRUB loader installed on the machine, or the machine is booting with another boot manager program that we do not know, then as an alternative we have other options to reset our forgotten root password.

For this purpose, the Live installation kit of virtually any Linux distribution (which of course has one) is great, such as Debian or Ubuntu Live installers, the point is to boot a Linux system and have a root terminal or console.

In this example, I will perform this task with GParted Live. It is a Debian-based, featherweight small system designed specifically to perform such recovery, repair, and maintenance tasks. I have previously made another description of this, the steps of which I will not detail here, so you can find the link below on how to get it, how to write it to a flash drive, and how to start a root terminal in it (link opens in a new window meg):

We choose either solution: start the Live system of one of the distributions or the one I mentioned, then open a root terminal in it, and from now on we have to follow the same steps for all of them.

Booting the root terminal

From now on, I will not split the examples for Debian and Ubuntu, because here the Live system will work on any distribution, we will have to reset the root password. So I'm now opening a root terminal in GParted Live, and the steps so far can be found in the description above:

GParted Live - Root terminal and GParted program

GParted Live starts the GParted partitioning program by default, which I leave outside so I have the drives, partitions, and markers in front of me. We will need these.

Mount a system partition

Live systems do not mount partitions on the machine, so we have to do that. First, find the computer system partition. If you have a partitioning program in front of you in the same way as GParted, you can see it right away, but if you only have a text console or no other graphics tool at hand, issue the following command:

fdisk -l

GParted Live - Find a system partition

If you are not familiar with partitions, you can easily decide which partition you need based on the size, type, and boot-flag status of the partition.

In this example, the virtual machine has multiple partitions, of which here is / Dev / sda1 The parameters just mentioned are 36 GB, type: Linux, ext4 file system, and boot flag. So in this example, this will be fine.

Create a mount point for this partition and mount it:

mkdir  /mnt/system
mount  /dev/sda1  /mnt/system

GParted Live - Mount a system partition

Chrooting the system partition

In the next step, we need to pretend that this mount point (/ mnt / system) is our regular filesystem, this is called chrooting:

chroot  /mnt/system

After issuing the command, it throws a warning that it can't set the correct localization, but we don't have to deal with that. We will then be taken to the root directory, which is already the root directory of the mounted drive:

GParted Live - Chrooting the system partition

Interestingly, the output of our prompt and our ls command also became colored here. This is because the original Debian 10 (Buster) minimal server installation anno I set the color prompt, and now the .bashrc file for this system has run from the / root directory. So from this we can see that the chroot succeeded. Thus, the output of the ls command also returned the contents of the mounted system partition.

Change root password

 

 

You can then easily change the root password:

passwd root

GParted Live - Change root password

Enter the new root password twice in succession.

Exit and reboot system

In the end, there was nothing left but to step back from everything:

Exit the chroot shell:

exit

Unmount the system partition:

umount /mnt/system
This is very important because if you do not unmount and restart the machine, the file system may be damaged!

And you can also exit root:

exit

GParted Live - Log out

Then remove the Live Installer from the DVD or USB and restart the computer.

Login with root

You can now log in with the root user blind and your new password:

Login with root

 

 

Conclusion

With these two methods, we can rest assured that we can reset the root password if we accidentally forget it. However, this also means that if unauthorized people have access to our computer or laptop, they can change our root password and access our data in the same way. We can protect against this with disk encryption, which can make things harder for unauthorized intruders.