It’s never happened to me, but I’m sure it’s happened to others. The root password is gone. Forgotten. Changed maliciously. Mysteriously gone.
The Linux Gazette has a great article on the three most common ways to deal with this situation. It’s important to note that there’s no way to actually recover the password, but you can change it to something that you know.
Here’s the simplest and my favourite. I tested this one out on my Kanotix box and it worked as advertised:
Booting Into Single-User Mode
This is as simple editing the preferred boot line in your bootload (typically either Lilo or GRUB) at boot time.
- Reboot the system, and when you are at the selection prompt (See Fig. 2 below), highlight the line for Linux and press ‘e’. You may only have 2 seconds to do this, so be quick.
- This will take you to another screen where you should select the entry that begins with ‘kernel’ and press ‘e’ again.
- Append ' single' to the end of that line (without the quotes). Make sure that there is a space between what’s there and ‘single’. If your system requires you to enter your root password to log into single-user
mode, then append init=/bin/bash after ‘single’. Hit ‘Enter’ to
save the changes.
- Press ‘b’ to boot into Single User mode.
- Once the system finishes booting, you will be logged in as root. Use passwd and choose a new password for root.
- Type reboot to reboot the system, and you can login with the new password you just selected.
There are two other ways to reset your root password. One involves booting from a floppy or Live CD and the other involves mouting the drive on another machine altogether.
As the guide indicates, it really is that easy to crack a root account if you have physical access.
Check it out: How to Reset forgotten Root passwords LG #107