{"id":5072,"date":"2015-08-06T11:16:06","date_gmt":"2015-08-06T03:16:06","guid":{"rendered":"http:\/\/rmohan.com\/?p=5072"},"modified":"2015-08-06T12:05:48","modified_gmt":"2015-08-06T04:05:48","slug":"debian-give-root-password-for-maintenance-lost-password","status":"publish","type":"post","link":"https:\/\/mohan.sg\/?p=5072","title":{"rendered":"Debian give root password for maintenance lost password"},"content":{"rendered":"<p>In the event your Linux box experiences disk or file system issues you may receive a &#8220;Give root password for maintenance&#8221; prompt upon reboot. If you have your root password you can login but in the event your using &#8216;slide&#8217; or &#8216;sudo&#8217; for wheel access or you&#8217;ve just mis-placed your root password &#8211; you&#8217;ll need to reset it.<\/p>\n<p>To reset your root password:<\/p>\n<p>1. When the GRUB loader shows during boot press the spare bar to pause boot.<\/p>\n<p>2. Select your boot kernel.<\/p>\n<p>3. Type &#8216;e&#8217; to edit the default kernel line.<\/p>\n<p>4. Type &#8216;e&#8217; again on the line that starts with &#8216;kernel&#8217;.<\/p>\n<p>5. Add &#8216;init=\/bin\/bash&#8217; to the end of the &#8216;kernel&#8217; line then press enter.<\/p>\n<p>6. Type &#8216;b&#8217; to boot the modified kernel parameters.<\/p>\n<p>7. Once you&#8217;re at the \/bin\/bash prompt you will need to remount the root file system as read\/write in order to edit the passwd file:<\/p>\n<p># mount -o remount,rw \/<\/p>\n<p>8. Change your root password:<\/p>\n<p># passwd root<\/p>\n<p>9. Remount the filesystem back to read only:<\/p>\n<p># mount -o remount,ro \/<\/p>\n<p>10. Reboot your server using CTR-ALT-DELETE.<\/p>\n<p>11. You will now be able to login with your new root password and carry out the maintenance.<\/p>\n<p>&nbsp;<br \/>\n<!-- [if lt IE 7]><script type=\"text\/javascript\" src=\"\/mediawiki\/skins\/common\/IEFixes.js?207\"><\/script>\n<meta http-equiv=\"imagetoolbar\" content=\"no\" \/><![endif]--><script src=\"https:\/\/pagead2.googlesyndication.com\/pub-config\/ca-pub-0620619173364412.js\" async=\"\" type=\"text\/javascript\"><\/script><script src=\"\/mediawiki\/skins\/common\/ajax.js?207\" type=\"text\/javascript\"><\/script><\/p>\n<div id=\"column-content\">\n<div id=\"content\">\n<h1 class=\"firstHeading\">Single User Mode<\/h1>\n<div id=\"bodyContent\">\n<h3 id=\"siteSub\"><\/h3>\n<p> &#8230;even if &#8220;root password for maintenance&#8221; is set.<\/p>\n<h2><span class=\"mw-headline\"> Root password recovery in Single User Mode <\/span><\/h2>\n<p>If you need to reset the root password then you must have access to the console. This is easy with VMWare or a Remote Access Controller. If not then you will have to make a physical trip to your server room.<\/p>\n<p>Note that with Ubuntu you usually don&#8217;t want to set a root password. Just use &#8220;sudo su -&#8221; to get a root shell. If you do set a root password and then forget it then you will have to use the second method described under <a title=\"\" href=\"http:\/\/www.noah.org\/wiki\/Single_User_Mode#Single_User_Mode_when_asked_for_root_password_for_maintenance\">#Single User Mode when asked for root password for maintenance<\/a>.<\/p>\n<h3><span class=\"mw-headline\"> Boot into Single User Mode <\/span><\/h3>\n<ol>\n<li>Assuming you are booting under <b>GRUB2<\/b> then boot your Linux box and hold <b>shift<\/b> while booting. This should bring up the GRUB boot menu. If that doesn&#8217;t work try booting again while hitting <b>Esc<\/b> until you get the GRUB boot menu. The GRUB boot menu check passes by quickly. This can be tricky under a virtual machine scenario (VirtualBox, Xen, VMWare, KVM, etc.), so you might have to reboot a few times before you catch it. If you are using the ancient <b>LILO<\/b> without a pause configured for the boot prompt then the process is similar, except that you press and hold any of the following keys while booting: Shift, Alt, Ctrl, ScrollLock, or CapsLock.<\/li>\n<li>Select a boot image from the menu then press &#8216;e&#8217; to edit.<\/li>\n<li>Select the Kernel line and press &#8216;e&#8217; to edit. It should look something like this:\n<pre>kernel \/vmlinuz-2.6.15-27-386 root=\/dev\/mapper\/Ubuntu-root ro quiet splash<\/pre>\n<p>Edit that line to get rid of quiet and splash and add &#8216;single&#8217;:<\/p>\n<pre>kernel \/vmlinuz-2.6.15-27-386 root=\/dev\/mapper\/Ubuntu-root ro single<\/pre>\n<p>Then press enter. You will be returned to the menu.\n<\/li>\n<li>Press &#8216;b&#8217; to boot with these new settings.<\/li>\n<li>If the OS appears to boot normally, but you see a message that says, <b>Give root password for maintenance (or type Control-D to continue):<\/b> then you will have to try a different trick described below.<\/li>\n<\/ol>\n<h3><span class=\"mw-headline\"> Single User Mode when asked for root password for maintenance <\/span><\/h3>\n<p>This method will get you past the &#8220;Give root password for maintenance&#8221; message, but the environment will be much more primitive, but this should be enough for you to issue a &#8216;passwd&#8217; command to change the password for root. If you want to do more than that then you may have to mount filesystems and manually start the network.<\/p>\n<ol>\n<li>Reboot your machine; press &#8216;Esc&#8217; to get to the GRUB menu; select your image; press &#8216;e&#8217; to edit; select the Kernel line.<\/li>\n<li>Press &#8216;e&#8217; to edit the kernel line. Edit the line to get rid of quiet and splash; change &#8216;ro&#8217; to &#8216;rw&#8217;; and add &#8216;init=\/bin\/bash&#8217;. The line should look something like this:\n<pre>kernel \/vmlinuz-2.6.15-27-386 root=\/dev\/mapper\/Ubuntu-root rw init=\/bin\/bash<\/pre>\n<\/li>\n<li>Press &#8216;enter&#8217; then &#8216;b&#8217; to boot with these new settings.<\/li>\n<li>When you get to the shell try editing <b>\/etc\/passwd<\/b> and <b>\/etc\/shadow<\/b>. Usually I just blank out password field for the root user then reboot. This may not work if the <b>PAM<\/b> was setup to disallow root login. In that case you may need to boot back into single user mode and then update the <b>PAM<\/b> to allow root login or allow root login without a password. Alternatively, the <b>passwd<\/b> command may be available so you can just run this to actually set a real password.<\/li>\n<\/ol>\n<\/div>\n<\/div>\n<p><script src=\"http:\/\/careers.stackoverflow.com\/gethired\/companyjs?divs=careers1,careers2,hireme&amp;_=1438823473919\" async=\"\"><\/script>linux &#8211; How do I completely remove root password &#8211; Stack Overflow<script src=\"http:\/\/edge.quantserve.com\/quant.js\" async=\"\"><\/script><script src=\"http:\/\/b.scorecardresearch.com\/beacon.js\" async=\"\"><\/script><script src=\"\/\/www.google-analytics.com\/analytics.js\" async=\"\"><\/script><script src=\"\/\/ajax.googleapis.com\/ajax\/libs\/jquery\/1.7.1\/jquery.min.js\"><\/script><script src=\"\/\/cdn.sstatic.net\/Js\/stub.en.js?v=9bc498094964\"><\/script><script>\/\/ <![CDATA[\n        \n            StackExchange.ready(function () {\n                    \n                    StackExchange.using(\"snippets\", function () {\n                        StackExchange.snippets.initSnippetRenderer();\n                    });\n                    \n\n                StackExchange.using(\"postValidation\", function () {\n                    StackExchange.postValidation.initOnBlurAndSubmit($('#post-form'), 2, 'answer');\n                });\n\n                \n                StackExchange.question.init({showAnswerHelp:true,totalCommentCount:1,shownCommentCount:1,highlightColor:'#F4A83D',backgroundColor:'#FFF',questionId:11700690});\n\n                styleCode();\n\n                    StackExchange.realtime.subscribeToQuestion('1', '11700690');\n                                                                    StackExchange.using(\"gps\", function () { StackExchange.gps.trackOutboundClicks('#content', '.post-text'); });\n\n            });\n        \n\/\/ ]]><\/script><script>\/\/ <![CDATA[\n        StackExchange.init({\"locale\":\"en\",\"stackAuthUrl\":\"https:\/\/stackauth.com\",\"serverTime\":1438823472,\"networkMetaHostname\":\"meta.stackexchange.com\",\"routeName\":\"Questions\/Show\",\"styleCode\":true,\"enableUserHovercards\":true,\"snippets\":{\"enabled\":true,\"domain\":\"stacksnippets.net\"},\"site\":{\"name\":\"Stack Overflow\",\"description\":\"Q&#038;A for professional and enthusiast programmers\",\"isNoticesTabEnabled\":true,\"recaptchaPublicKey\":\"6LdchgIAAAAAAJwGpIzRQSOFaO0pU6s44Xt8aTwc\",\"recaptchaAudioLang\":\"en\",\"enableNewTagCreationWarning\":true,\"insertSpaceAfterNameTabCompletion\":false,\"globalAuthDisabled\":true,\"nonAsciiTags\":true,\"enableSocialMediaInSharePopup\":true},\"user\":{\"fkey\":\"88335e168770896c83f3d34f0cb999a6\",\"isAnonymous\":true}});\n        StackExchange.using.setCacheBreakers({\"js\/prettify-full.en.js\":\"70a1a2dc03bb\",\"js\/moderator.en.js\":\"a84a338d9866\",\"js\/full-anon.en.js\":\"5409e16b260f\",\"js\/full.en.js\":\"dd7d17975a46\",\"js\/wmd.en.js\":\"23d7c0bddfc6\",\"js\/third-party\/jquery.autocomplete.min.js\":\"e5f01e97f7c3\",\"js\/third-party\/jquery.autocomplete.min.en.js\":\"\",\"js\/mobile.en.js\":\"a82985b16771\",\"js\/help.en.js\":\"5a7b18512b93\",\"js\/tageditor.en.js\":\"c84618a71b61\",\"js\/tageditornew.en.js\":\"5b0897ed5281\",\"js\/inline-tag-editing.en.js\":\"de80429b1816\",\"js\/revisions.en.js\":\"9e897f24d78d\",\"js\/review.en.js\":\"bf0b16c9ba5f\",\"js\/tagsuggestions.en.js\":\"d1ff9b84abe5\",\"js\/post-validation.en.js\":\"0eb2b837d658\",\"js\/explore-qlist.en.js\":\"72b226151017\",\"js\/events.en.js\":\"26edc5e0f78d\",\"js\/keyboard-shortcuts.en.js\":\"9e89ea0a70f4\",\"js\/external-editor.en.js\":\"4585e09aa5e5\",\"js\/external-editor.en.js\":\"4585e09aa5e5\",\"js\/snippet-javascript.en.js\":\"de8a8912991d\",\"js\/snippet-javascript-codemirror.en.js\":\"0d068b6b933b\"});\n        StackExchange.using(\"gps\", function() {\n             StackExchange.gps.init(true);\n        });\n    \n\/\/ ]]><\/script><script>\/\/ <![CDATA[\n            StackExchange.ready(function () {\n                $('#nav-tour').click(function () {\n                    StackExchange.using(\"gps\", function() {\n                        StackExchange.gps.track(\"aboutpage.click\", { aboutclick_location: \"headermain\" }, true);\n                    });\n                });\n            });\n        \n\/\/ ]]><\/script><script src=\"\/\/cdn.sstatic.net\/Js\/full-anon.en.js?v=5409e16b260f\" async=\"\"><\/script><script src=\"\/\/cdn.sstatic.net\/Js\/snippet-javascript.en.js?v=de8a8912991d\" async=\"\"><\/script><script src=\"\/\/cdn.sstatic.net\/Js\/post-validation.en.js?v=0eb2b837d658\" async=\"\"><\/script><\/p>\n<div class=\"container\">\n<div id=\"content\" class=\"snippet-hidden\">\n<div>\n<div id=\"mainbar\">\n<div id=\"answers\">\n<div id=\"answer-11700775\" class=\"answer\" data-answerid=\"11700775\">\n<table>\n<tbody>\n<tr>\n<td class=\"answercell\">\n<div class=\"post-text\">\n<p>Did you try <strong><code>passwd -d root<\/code><\/strong>? Most likely, this will do what you want.<\/p>\n<hr \/>\n<p>You can also manually edit <code>\/etc\/shadow<\/code>: (Create a backup copy. Be sure that you can log even if you mess up, for example from a rescue system.) Search for &#8220;root&#8221;. Typically, the root entry looks similar to<\/p>\n<pre><code>root:$X$SK5xfLB1ZW:0:0...\r\n<\/code><\/pre>\n<p>There, delete the second field (everything between the first and second colon):<\/p>\n<pre><code>root::0:0...\r\n<\/code><\/pre>\n<\/div>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n","protected":false},"excerpt":{"rendered":"<p>In the event your Linux box experiences disk or file system issues you may receive a &#8220;Give root password for maintenance&#8221; prompt upon reboot. If you have your root password you can login but in the event your using &#8216;slide&#8217; or &#8216;sudo&#8217; for wheel access or you&#8217;ve just mis-placed your root password &#8211; you&#8217;ll need [&#8230;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[4,17],"tags":[],"_links":{"self":[{"href":"https:\/\/mohan.sg\/index.php?rest_route=\/wp\/v2\/posts\/5072"}],"collection":[{"href":"https:\/\/mohan.sg\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/mohan.sg\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/mohan.sg\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/mohan.sg\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=5072"}],"version-history":[{"count":4,"href":"https:\/\/mohan.sg\/index.php?rest_route=\/wp\/v2\/posts\/5072\/revisions"}],"predecessor-version":[{"id":5076,"href":"https:\/\/mohan.sg\/index.php?rest_route=\/wp\/v2\/posts\/5072\/revisions\/5076"}],"wp:attachment":[{"href":"https:\/\/mohan.sg\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=5072"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/mohan.sg\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=5072"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/mohan.sg\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=5072"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}