RHEL: Forgotten ’root’ password / using single-user to gain access

RHEL: Forgotten 'root' password / using single-user to gain access

# Tested on RHEL 6 & 7


# RHEL 6 -----------------------------------------------------------------------------------

# Booting into single user mode is the easiest way to gain access to a RHEL server (only
# feasible if you have access to the physical console).

# To enter single-user mode, reboot your computer. If you use the default boot loader, GRUB,
# you can enter single user mode by performing the following:

# Method A:

# 1.- At the boot loader menu, use the arrow keys to highlight the installation you want
#     to edit and type 'a' to enter into append mode.

# 2.- You are presented with a prompt that looks similar to the following:

grub append> ro root=LABEL=/

# 3.- Press the Spacebar once to add a blank space, then add the word 'single' to tell
#     GRUB to boot into single-user Linux mode. The result should look like the following:

ro root=LABEL=/ single

# 4.- Press [Enter] and GRUB will boot single-user Linux mode. After it finishes loading,
#     you will be presented with a shell prompt.

# 5.- You are now in single user mode, and be auto logged in as root. You can now change
#     the root password by typing:

passwd root

# *** Note: For Red Hat Enterprise Linux 6.0 there is a bug that will prevent you from
# changing your root password in single user mode. This is a result of SELinux. For this
# situation you would want to temporarily disable SELinux:

setenforce 0

# Now you should be allowed to change your root password.



# Method B:
# ------------------------------------------------------------------------------------------

# 1.-  At the beginning of the boot process you should see the grub menu pop up with a
#    countdown and some kernel options (or perhaps just one option). It should be counting
#    down at this point and says: "Press any key to enter the menu". In this case you would
#    hit any key.

# 2.- At the bottom of the screen there is an explanation of the few options that are
#     available to use on this page. One of these options is 'e' for edit. Hit 'e' to edit
#     the boot kernel options.

# 3.- You would now edit the main kernel options, adding 'single' at the end.

# 4.- Once you have completed that hit enter, then 'b' for boot.

# 5.- You are now in single user mode, and be auto logged in as root. You can now change
#     the root password by typing:

passwd root
 
# *** Note: For Red Hat Enterprise Linux 6.0 there is a bug that will prevent you from
# changing your root password in single user mode. This is a result of SELinux. For this
# situation you would want to temporarily disable SELinux:

setenforce 0

# Now you should be allowed to change your root password.



# Method C:
# ------------------------------------------------------------------------------------------

# If, for whatever reason (hardened server,... ), methods A and B don't work, we can proceed
# as shown here below.
 
# Use either method A or B to edit kernel options and append

   init=/bin/sh

# This process passes the init=/bin/sh option to the kernel and tells it to run /bin/sh
# as init instead of the normal /sbin/init. By doing this, the normal init process is
# bypassed.

# To reset root password:

# Mount the /proc filesystem

mount /proc

# Remount the root filesystem in read/write mode

mount -n -o remount,rw /

# Mount the /usr partition (if it is a separate partition)

mount /usr

# Reset root password

/usr/bin/passwd

# and, finally, power cycle the system manually (none of the reboot commands is meant to
# work at this point)




# RHEL 7 -----------------------------------------------------------------------------------

# Reboot server. At the boot loader menu, user the arrow keys to highlight the installation
# you want to edit and press "e" to modify the parameters to boot the kernel

# Scroll down until you find the kernel line. It looks like this one, beginning with
# "linux16":

linux16 /vmlinuz-0-rescue-ccddb0f617bc493baa4e9f7d7b8e4612 root=/dev/mapper/rootvg-lv_root \
   ro crashkernel=256M rd.lvm.lv=rootvg/lv_root \
   rd.lvm.lv=rootvg/lv_swap rd.lvm.lv=rootvg/lv_usr net.ifnames=0 rhgb quiet

# You need to change "ro" to "rw" and start into a bash shell. Your new line should look
# like this one:

linux16 /vmlinuz-0-rescue-ccddb0f617bc493baa4e9f7d7b8e4612 root=/dev/mapper/rootvg-lv_root \
   rw init=/sysroot/bin/bash crashkernel=256M rd.lvm.lv=rootvg/lv_root \
   rd.lvm.lv=rootvg/lv_swap rd.lvm.lv=rootvg/lv_usr net.ifnames=0 rhgb quiet

# Then, you're ready to boot the server by simply pressing "Crtl + x"

# Once the server is up you should be able to change change root's password by
running
# following commands:

chroot /sysroot

passwd root


# Reboot your server to start it up in multi-user mode.

0 (0)
Article Rating (No Votes)
Rate this article
Attachments
There are no attachments for this article.
Comments
There are no comments for this article. Be the first to post a comment.
Full Name
Email Address
Security Code Security Code
Related Articles RSS Feed
Linux An introduction to swap space on Linux systems
Viewed 319 times since Thu, Jan 23, 2020
UUIDs and Linux: Everything you ever need to know [Update]
Viewed 486 times since Tue, Jul 17, 2018
Inxi: Find System And Hardware Information On Linux
Viewed 813 times since Sat, Jun 2, 2018
LVM: Reduce an existing Volume Group by removing one of its disks
Viewed 636 times since Sat, Jun 2, 2018
logrotate Understanding logrotate utility
Viewed 256 times since Sun, Jan 12, 2020
LVM: Reduce SWAP size by removing a Logical Volume
Viewed 622 times since Sat, Jun 2, 2018
Szybkie sprawdzenie zewnętrznego adresu IP i hosta
Viewed 821 times since Thu, May 24, 2018
CentOS / RHEL : How to move a Volume Group from one system to another
Viewed 570 times since Mon, Jan 28, 2019
RHEL: Extending the maximum inode count on a ext2/ext3/ext4 filesystem
Viewed 958 times since Sun, May 27, 2018
OEL 7 – How to disable IPv6 on Oracle Linux 7
Viewed 3398 times since Fri, Aug 3, 2018