How to reset root password in Linux (RHEL,FEDORA) ? What to do if you forgot root password ?

18 Sep

Today I want to give you some very useful tips on what to do if you have forgotten your root password.
ATTENTION: This trick will only work if didn’t  setup GRUB password yet.    (if you did – sucks to be you :) )

Use Case:

You want to install something, change permissions on a file  or  do any other action that actually requires root password , which you don’t remember. I would start to panic, If i where you, but wait, there is some small hack you can do, to get back on track.

In this post I will show you how you can become a root without knowing you root password and reset it. I will also give you tips how to protect yourself from this vulnerability.

Let’s start.

1. Boot in Single User Mode

 a. Reboot your computer
 b. Wait until menu say’s to press any key to the Boot/GRUB menu, press any key

   At this point you should see menu similar to this:

grub-menu-image

c. Point to the OS you forgot your  password from and press “e

 
d.  Go to “kernel” line and add word “single” to the end of kernel string.

e. Press “b” to boot with new option for kernel

   Note: If you did something wrong, you could see “black screen of death” but don’t worry, everything you edit in boot menu is temporary, just reboot and you are good to go again.

c. If you did everything correctly you should see command line interface, where you are logged in as “root”.

How cool is that ?

2. Set SELinux to Permissive

a. If you try to change password right away, in RHEL or Fedora you won’t be able to do it because SELinux by default is enforcing.

  Good thing is that we can easily change SELinux enforcing mode. First lets find out the state of SELinux and if it is Enforcing, lets change it to Permissive. Type this in your command line:


$ getenforce

Enforcing

$ setenforce 0

Permissive

4. Change Root Password


$passwd

new password: ******

You will see that all tokens are updated.  Type ‘reboot’, and after you reboot, you will have your NEW root password. (write it down!) :)

But what if someone else would want to change my password in the same way ?

This is very legit question, and it was my first thought when I found out this easy way to change root password. How to protect yourself ? The answer is to put password on Boot menu.

How to lock GRUB/Boot menu ? ( I will show it on GRUB, however GRUB2 works similarly)

Here are a couple of simple steps how to set password on your GRUB:

 1. Open Terminal and login as root:


$ su -

Enter your root password.

2. Now type:

$ grub-md5-crypt

3. Enter password you want your grub (this can be different from your root password)  and click enter you will get md5 encoded string.

Let’s say your  md5 string is:


$1$sdlfksdlfksdlf/

4. Now use your text editor to go to grub.conf file, I use VI:

vi  /boot/grub/grub.conf

after “hidemenu” line enter:

password –md5 < paste here your encrypted md5 string>

(in my case it would be: password –md5 $1$sdlfksdlfksdlf/ )

5. Save the file.

6. To check if it works, try logging to Single User Mode, you will set instead of “e” to edit kernels string, you will need to enter password first.

That’s it for today!

Regards,

Anatoly

Tags: , , , ,

Leave a Reply

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Cancel

Connecting to %s

Follow

Get every new post delivered to your Inbox.

Join 272 other followers