RHEL: Forgotten ’root’ password / using single-user to gain access

RHEL: Forgotten 'root' password / using single-user to gain access

# Tested on RHEL 6 & 7


# RHEL 6 -----------------------------------------------------------------------------------

# Booting into single user mode is the easiest way to gain access to a RHEL server (only
# feasible if you have access to the physical console).

# To enter single-user mode, reboot your computer. If you use the default boot loader, GRUB,
# you can enter single user mode by performing the following:

# Method A:

# 1.- At the boot loader menu, use the arrow keys to highlight the installation you want
#     to edit and type 'a' to enter into append mode.

# 2.- You are presented with a prompt that looks similar to the following:

grub append> ro root=LABEL=/

# 3.- Press the Spacebar once to add a blank space, then add the word 'single' to tell
#     GRUB to boot into single-user Linux mode. The result should look like the following:

ro root=LABEL=/ single

# 4.- Press [Enter] and GRUB will boot single-user Linux mode. After it finishes loading,
#     you will be presented with a shell prompt.

# 5.- You are now in single user mode, and be auto logged in as root. You can now change
#     the root password by typing:

passwd root

# *** Note: For Red Hat Enterprise Linux 6.0 there is a bug that will prevent you from
# changing your root password in single user mode. This is a result of SELinux. For this
# situation you would want to temporarily disable SELinux:

setenforce 0

# Now you should be allowed to change your root password.



# Method B:
# ------------------------------------------------------------------------------------------

# 1.-  At the beginning of the boot process you should see the grub menu pop up with a
#    countdown and some kernel options (or perhaps just one option). It should be counting
#    down at this point and says: "Press any key to enter the menu". In this case you would
#    hit any key.

# 2.- At the bottom of the screen there is an explanation of the few options that are
#     available to use on this page. One of these options is 'e' for edit. Hit 'e' to edit
#     the boot kernel options.

# 3.- You would now edit the main kernel options, adding 'single' at the end.

# 4.- Once you have completed that hit enter, then 'b' for boot.

# 5.- You are now in single user mode, and be auto logged in as root. You can now change
#     the root password by typing:

passwd root
 
# *** Note: For Red Hat Enterprise Linux 6.0 there is a bug that will prevent you from
# changing your root password in single user mode. This is a result of SELinux. For this
# situation you would want to temporarily disable SELinux:

setenforce 0

# Now you should be allowed to change your root password.



# Method C:
# ------------------------------------------------------------------------------------------

# If, for whatever reason (hardened server,... ), methods A and B don't work, we can proceed
# as shown here below.
 
# Use either method A or B to edit kernel options and append

   init=/bin/sh

# This process passes the init=/bin/sh option to the kernel and tells it to run /bin/sh
# as init instead of the normal /sbin/init. By doing this, the normal init process is
# bypassed.

# To reset root password:

# Mount the /proc filesystem

mount /proc

# Remount the root filesystem in read/write mode

mount -n -o remount,rw /

# Mount the /usr partition (if it is a separate partition)

mount /usr

# Reset root password

/usr/bin/passwd

# and, finally, power cycle the system manually (none of the reboot commands is meant to
# work at this point)




# RHEL 7 -----------------------------------------------------------------------------------

# Reboot server. At the boot loader menu, user the arrow keys to highlight the installation
# you want to edit and press "e" to modify the parameters to boot the kernel

# Scroll down until you find the kernel line. It looks like this one, beginning with
# "linux16":

linux16 /vmlinuz-0-rescue-ccddb0f617bc493baa4e9f7d7b8e4612 root=/dev/mapper/rootvg-lv_root \
   ro crashkernel=256M rd.lvm.lv=rootvg/lv_root \
   rd.lvm.lv=rootvg/lv_swap rd.lvm.lv=rootvg/lv_usr net.ifnames=0 rhgb quiet

# You need to change "ro" to "rw" and start into a bash shell. Your new line should look
# like this one:

linux16 /vmlinuz-0-rescue-ccddb0f617bc493baa4e9f7d7b8e4612 root=/dev/mapper/rootvg-lv_root \
   rw init=/sysroot/bin/bash crashkernel=256M rd.lvm.lv=rootvg/lv_root \
   rd.lvm.lv=rootvg/lv_swap rd.lvm.lv=rootvg/lv_usr net.ifnames=0 rhgb quiet

# Then, you're ready to boot the server by simply pressing "Crtl + x"

# Once the server is up you should be able to change change root's password by
running
# following commands:

chroot /sysroot

passwd root


# Reboot your server to start it up in multi-user mode.

0 (0)
Article Rating (No Votes)
Rate this article
Attachments
There are no attachments for this article.
Comments
There are no comments for this article. Be the first to post a comment.
Full Name
Email Address
Security Code Security Code
Related Articles RSS Feed
Linux Network (TCP) Performance Tuning with Sysctl
Viewed 4499 times since Fri, Aug 3, 2018
Install Security Patches or Updates Automatically on CentOS and RHEL
Viewed 589 times since Fri, Oct 26, 2018
LOGROTATE – ARCHIWIAZACJA LOGÓW
Viewed 656 times since Fri, Nov 30, 2018
How to maximise SSD performance with Linux
Viewed 2652 times since Fri, May 15, 2020
Learn Linux System Auditing with Auditd Tool on CentOS/RHEL
Viewed 888 times since Fri, Apr 5, 2019
RHCS: Configure an active/backup pacemaker cluster
Viewed 1441 times since Sun, Jun 3, 2018
What is yum-cron ?
Viewed 1522 times since Fri, Oct 26, 2018
LVM: Extend an existing Logical Volume / Filesystem
Viewed 1022 times since Sat, Jun 2, 2018
RHEL: Remove existing SAN LUNs
Viewed 1185 times since Sat, Jun 2, 2018
Increase A VMware Disk Size (VMDK) Formatted As Linux LVM without rebooting
Viewed 5462 times since Wed, May 30, 2018