…even if “root password for maintenance” is set.

Root password recovery in Single User Mode

If you need to reset the root password then you must have access to the console. This is easy with VMWare or a Remote Access Controller. If not then you will have to make a physical trip to your server room.

Note that with Ubuntu you usually don’t want to set a root password. Just use “sudo su -” to get a root shell. If you do set a root password and then forget it then you will have to use the second method described under #Single User Mode when asked for root password for maintenance.

Boot into Single User Mode

1. Assuming you are booting under GRUB2 then boot your Linux box and hold shift while booting. This should bring up the GRUB boot menu. If that doesn’t work try booting again while hitting Esc until you get the GRUB boot menu. The GRUB boot menu check passes by quickly. This can be tricky under a virtual machine scenario (VirtualBox, Xen, VMWare, KVM, etc.), so you might have to reboot a few times before you catch it. If you are using the ancient LILO without a pause configured for the boot prompt then the process is similar, except that you press and hold any of the following keys while booting: Shift, Alt, Ctrl, ScrollLock, or CapsLock.
2. Select a boot image from the menu then press ‘e’ to edit.
3. Select the Kernel line and press ‘e’ to edit. It should look something like this:

   kernel /vmlinuz-2.6.15-27-386 root=/dev/mapper/Ubuntu-root ro quiet splash

   Edit that line to get rid of quiet and splash and add ‘single’:

   kernel /vmlinuz-2.6.15-27-386 root=/dev/mapper/Ubuntu-root ro single

   Then press enter. You will be returned to the menu.

4. Press ‘b’ to boot with these new settings.
5. If the OS appears to boot normally, but you see a message that says, Give root password for maintenance (or type Control-D to continue): then you will have to try a different trick described below.

Single User Mode when asked for root password for maintenance

This method will get you past the “Give root password for maintenance” message, but the environment will be much more primitive, but this should be enough for you to issue a ‘passwd’ command to change the password for root. If you want to do more than that then you may have to mount filesystems and manually start the network.

1. Reboot your machine; press ‘Esc’ to get to the GRUB menu; select your image; press ‘e’ to edit; select the Kernel line.
2. Press ‘e’ to edit the kernel line. Edit the line to get rid of quiet and splash; change ‘ro’ to ‘rw’; and add ‘init=/bin/bash’. The line should look something like this:

   kernel /vmlinuz-2.6.15-27-386 root=/dev/mapper/Ubuntu-root rw init=/bin/bash

3. Press ‘enter’ then ‘b’ to boot with these new settings.
4. When you get to the shell try editing /etc/passwd and /etc/shadow. Usually I just blank out password field for the root user then reboot. This may not work if the PAM was setup to disallow root login. In that case you may need to boot back into single user mode and then update the PAM to allow root login or allow root login without a password. Alternatively, the passwd command may be available so you can just run this to actually set a real password.