Unless otherwise noted, articles © 2005-2008 Doug Spencer, SecurityBulletins.com. Linking to articles is welcomed. Articles on this site are general information and are NOT GUARANTEED to work for your specific needs. I offer paid professional consulting services and will be happy to develop custom solutions for your specific needs. View the consulting page for more information.

How to get into a Linux system with a lost root password

From SecurityBulletins.com

Jump to: navigation, search

Written by Doug Spencer 11/19/2006

There are a couple of ways to get into a Linux system where you have lost the root password, if you have physical access to the machine.

The first is easy if you don't have a password on the boot loader.

  • Reboot the system.
  • Indicate to the boot manager (GRUB, LILO, etc) that you want to edit the boot command
  • Add "init=/bin/sh" to the boot command as a kernel parameter.
  • Boot the system. It will start up into the shell. You can then update the root password to something you know.

The second is the standard way of recovering from a lost password on a UNIX system:

  • Boot from CD-ROM, network, or other media. Start in single user mode from this media.
  • Once you have a command prompt in single user mode, mount your root device to /mnt
  • Edit the password in /mnt/etc/passwd or /mnt/etc/shadow as the case may be.
  • Save the changes. Run 'sync" to synchronize the disks. Change directory to /. Run "umount /mnt"
  • Reboot from your standard root disk and login
Personal tools