HOWTO: Bypass a Forgotten Root Password

Posted in Technology
Fri, Dec 23 - 10:06 am EST | 12 years ago by
Comments: 17
Be Sociable, Share!
    Use Arrow Keys (← →) to Browse

    It’s never happened to me, but I’m sure it’s happened to others. The root password is gone. Forgotten. Changed maliciously. Mysteriously gone.

    The Linux Gazette has a great article on the three most common ways to deal with this situation. It’s important to note that there’s no way to actually recover the password, but you can change it to something that you know.

    Here’s the simplest and my favourite. I tested this one out on my Kanotix box and it worked as advertised:

    Booting Into Single-User Mode

    This is as simple editing the preferred boot line in your bootload (typically either Lilo or GRUB) at boot time.

    • Reboot the system, and when you are at the selection prompt (See Fig. 2 below), highlight the line for Linux and press ‘e’. You may only have 2 seconds to do this, so be quick.
    • This will take you to another screen where you should select the entry that begins with ‘kernel’ and press ‘e’ again.
    • Append ' single' to the end of that line (without the quotes). Make sure that there is a space between what’s there and ‘single’. If your system requires you to enter your root password to log into single-user
      mode, then append init=/bin/bash after ‘single’. Hit ‘Enter’ to
      save the changes.
    • Press ‘b’ to boot into Single User mode.
    • Once the system finishes booting, you will be logged in as root. Use passwd and choose a new password for root.
    • Type reboot to reboot the system, and you can login with the new password you just selected.

    There are two other ways to reset your root password. One involves booting from a floppy or Live CD and the other involves mouting the drive on another machine altogether.

    As the guide indicates, it really is that easy to crack a root account if you have physical access.

    Check it out: How to Reset forgotten Root passwords LG #107

    Use Arrow Keys (← →) to Browse

    Be Sociable, Share!

      Related Posts

      • http://www.technosailor.com Aaron Brazell

        Shoot. Give me remote root access and I can do it (which begs the question if I have root access why would I need to, but that’s another question… don’t confuse me with the facts!).

        All I have to do is:


        # init 1

      • http://www.technosailor.com Aaron Brazell

        You know I’m stupid and in holiday mode.

        Runlevel 1 (init 1) doesn’t have networking capability so what good would that do me except kick me off?

        Sigh.

        Back to your normal programming, folks.

      • http://www.newlinuxuser.com Jon

        You’re killing me!

        :)

      • http://www.technosailor.com Aaron Brazell

        Yeah I know. Just making sure if you’re still awake!

      • http://www.newlinuxuser.com Jon

        I don’t know if you’ve ever read my entry on recursive acronyms, but I wrote the entire article with the word ‘algorithm’ instead of ‘acronym’.

        I’m da king of stupid things :)

      • Kalyan Talukdar

        It was known to me from earlier, forgotton.But thanks to remind me. I think LINUX is much more insecured as any one can break teh root password.

      • http://www.newlinuxuser.com Jon

        Hi Kaylan,

        I still think GNU/Linux is pretty secure. Any of these methods to retrieve or change the root password require physical access to the machine. If someone has physical access to your machine, then you’ve got bigger problems :)

      • Tom

        thank you, it works!
        now i can continue my adventures in the magical world called Linux *O*

      • http://www.newlinuxuser.com Jon

        Hey Tom,

        Glad it helped! Enjoy your magical adventures :)

      • Cyprian M Makhafola

        Hi Guys please help me, i have a Suse Linux and the root passwd is unknown. Please help me?

      • http://www.newlinuxuser.com Jon

        Cypian,

        Did you try the method above?

      • Vituz

        Guys, i tried the /init/bash method on PCLinuxOS and it backfired. Something to do with not being able to read cracklib dict, whatever tat is. any Help?

      • tinnitus

        boot off a LiveCD, chroot into the primary hard disk and use passwd.

      • http://prafulkr.wordpress.com Praful Kumar

        It is really good stuff!
        Thanks for it.

        @Praful

      • http://www.mu.ac.ke Bateta

        but is there a way to change the root password while you have already locked on the machine without necessarily booting in single mood.
        but let me try out the above first.

      • Happy Space Invader

        Doesn’t work for me. I get to the command line prompt, but when I type in “passwd”, the letters don’t appear. I press return anyway and it prompts me for a new UNIX password, but as I’m typing it in, it interprets some of my key presses as a return.

        So I type “reset” and I get a properly functioning command line, run the passwd command and can apparently change the root password, but then the “reboot” command doesn’t work, instead giving the error: “shutdown: Unable to send message: Connection refused”

        If I Ctrl+Alt+Del, when the machine comes back, the new password I set for root isn’t accepted.

        All of this on Ubuntu 8.10, kernel 2.6.27-9-generic.

      • PatriciaI

        I got a laptop from my mother which has the linux operating system. I am trying to download a program Every time i go this it is asking me for an admin password which my mother says when she bought the computer she never was given. Is there a way for me to bybass that password?

      Be Sociable, Share!