HowTo: Recover Root (and user) Password

It is recommended that you print out these instructions if you intend to use them without access to a computer where you can read them directly from this site. Reset Root Password - Easy Method: Probably the simplest way to solve a forgotten root password problem is to boot your system in the single-user mode. If you are using LILO, at the LILO boot prompt (graphical LILO users can press Ctrl-x to exit the graphical screen and go to the boot: prompt), and then enter:   Code: linux single This will make you the "root" user without asking for a password. Once the system has booted, you can change the root password using the password command:   Code: passwd GRUB users will follow basically the same steps, except that the GRUB boot loader doesn't have a default boot prompt, but you can choose "e'' when the menu displays to edit the boot parameters. Just select the kernel line for the kernel you want to boot. Go to the end of that line and type "single" as a separate word, then press ENTER to exit the edit mode. Once back at the GRUB screen, press "b" to boot into single user mode. Reset Root Password - Not As Easy Method: If the easy method doesn't work on your machine, another way to solve the "lost root password" problem is to boot your computer from your Linux Installation CD, or from a live-CD such as Knoppix. Using Knoppix, boot the live-CD then go to a terminal and su to root (no password is required) then issue the following commands (be sure to replace each /hda1 with your own root partition device):   Code: mount -o dev,rw /mnt/hda1 cd /mnt/hda1/etc Once you are into your system /etc directory, you can use a text editor (vim, nano, pico, etc.) to edit the /etc/shadow file where the password is stored. Various information about root and user accounts is kept in this plain-text file but we are only concerned with the password portion. For example, the /etc/shadow entry for the "root" account may look something like this:   Code: root:$1$aB7mx0Licb$CTbs2RQrfPHkz5Vna0.fnz8H68tB.:10852:0:99999:7::: Now, using your favorite editor (I'll use vim) delete the password hash. For this example, the password is in green text and is all those characters between the 1st and 2nd colons.   Code: vim shadow After you've edited this field, it should look like this:   Code: root::10852:0:99999:7::: Now save the file and change back to the root directory and unmount the system root partition (don't forget to change the /hda1) as follows:   Code: cd / umount /mnt/hda1 Now reboot the computer. Once the computer has booted and you're at the login prompt, type "root" and when asked for the password just press ENTER (entering no password). After a successful login, you need to set the new password for root using the following command:   Code: passwd Note that I've tested both the above methods on my machines but please keep in mind that neither of them will work on every machine. Reset Forgotten or Lost "User" Password: If a regular user forgets his/her password, the root user can easily reset the user's password. For this example, the username will be "bob". Enter (as root):   Code: passwd bob This will prompt for a new password for the user "bob". ==================================== Hopefully, this HowTo will serve as a good reminder of the old saying that "anyone having physical access to a machine owns that machine". Please feel free to post any additions and/or corrections and I'll be happy to add them to the HowTo. Thanks!