If you are a Linux administrator or user, you already know the significance of the root user. The root user is a special user, also known as administrator or superuser, who has the highest privileges in the Linux system with access to all files and commands. The root user is most likely used for admin tasks such as managing other user accounts, installation, upgradation, or patching software and services, changing the ownership of files. Since it is not recommended to use the root user for normal unprivileged user tasks, in a secure environment, root passwords are not shared with other users and are not often used for logging in. So, there are chances to forget the root password if it wasn’t used for a long time and misplace it. The reason for losing the root password could be anything. The ultimate solution is to recover the root password. This post is for you if you have this problem with your Red hat Enterprise Linux or CentOS servers. We have created this post to let you know how to recover the root password in RHEL or CentOS in 5 minutes.
This post is not for those who knew the password of the user account which is a member of the ‘wheel’ group. If you have the login of a normal user who is a member of the ‘wheel’ group, you can reset the root password just by the ‘passwd’ command. On RHEL and CentOS, members of the group ‘wheel’ are granted sudo access.
It is always good to have at least one user account with sudo access. Use this command to add a user to the wheel group. But, bear in mind, it requires a sudo password. This may save you from an unnecessary reboot or log out.
$ sudo usermod -aG wheel username
If you don’t have a user account and want to create a new user account. Use this below command. Note: replace ‘username’ with your account name.
$ sudo adduser username
Well, you should need a password to login into Linux. You can’t have a user account without a password. The user account is incomplete without the password. Use this command to set the password for the user created in the previous step.
$ sudo passwd username
Since we have shown how to create a user account and how to add the user account to the wheel group to enable sudo access for the user account. We thought it is better to let you know how to delete the user account either. Follow these commands to delete the user account with or without the user’s home directory.
Run this command to delete the user account without deleting the user’s home directory:
$ sudo userdel username
Run this command to delete the user account with the user’s home directory and mail spool:
$ sudo userdel -r username
What if you don’t have a user account with sudo permissions enabled and lost the root password. The only way is to recover the root password using single-user mode. The procedure is very simple, straight and it doesn’t take a long time to complete. But, it requires a reboot. Services running on the server may interrupt. If you are going to do this on a production server, then plan the reboot as per your schedule.
A video tutorial by
First, reboot your server. As soon as you see the bootloader with the selection screen, quickly tap the up and down arrows to pause the countdown.
You will have to go to the screen where you can edit the grub bootloader script. Chose the kernel you want to boot into, and hit ‘e’.
Find the line that refers to the kernel, The line starts with whether ‘Linux’ or ‘Linux16’ depends on the RHEL/CentOS version.1. For RHEL/CentOS 7, the line starts with ‘linux16‘.2. For RHEL/Centos 8x, and Fedora the line starts with ‘Linux‘.
Since we are using RHEL 8 in this demonstration, we have the line that starts with ‘Linux‘.
Add ‘rd.break‘ at the end of that line.
Then, hit ‘Ctrl+x’ to run the edited bootloader script.
You will boot to a ‘rescue‘ prompt that looks like this: switch_root:/#
.
To run commands on this single-user mode, you should remount the ‘/’ file system in read-write mode. Use this command to remount the root partition in read-write mode.
Run this command to mount the root directory.
# mount -o remount rw /
OrRun this command to mount the root partition.
# mount -o remount rw /sysroot
Run this command to change into the ‘/’ sysroot directory.
# chroot /sysroot
Now, you can use the ‘passwd’ command to reset the root password.
# passwd
Before you exit, it is required to make sure that SELinux allows the file changes. You need to create a hidden file with the name ‘autorelable‘ using the ‘touch‘ command to signal SELinux on the next reboot that the filesystem has changed and allow the change to be loaded.
# touch /.autorelable
Note; Depending on the size of the filesystem and the speed of the machine, it may take sometime to relabel the whole filesystem.
Just type ‘exit’ to leave the chroot environment and ‘logout’. Now you are ready to logi into the server using the new root password.
# exit
# logout
That’s it.
We hope this post would help you in learning How to Recover the Root Password in RHEL/CentOS. Thanks for reading this post. Visit our social media page on Facebook, LinkedIn, Twitter, Telegram, Tumblr, & Medium and subscribe to receive updates like this.
You may also like these articles:
Arun KL is a cybersecurity professional with 15+ years of experience in IT infrastructure, cloud security, vulnerability management, Penetration Testing, security operations, and incident response. He is adept at designing and implementing robust security solutions to safeguard systems and data. Arun holds multiple industry certifications including CCNA, CCNA Security, RHCE, CEH, and AWS Security.
“Knowledge Arsenal: Empowering Your Security Journey through Continuous Learning”
"Cybersecurity All-in-One For Dummies" offers a comprehensive guide to securing personal and business digital assets from cyber threats, with actionable insights from industry experts.
BurpGPT is a cutting-edge Burp Suite extension that harnesses the power of OpenAI's language models to revolutionize web application security testing. With customizable prompts and advanced AI capabilities, BurpGPT enables security professionals to uncover bespoke vulnerabilities, streamline assessments, and stay ahead of evolving threats.
PentestGPT, developed by Gelei Deng and team, revolutionizes penetration testing by harnessing AI power. Leveraging OpenAI's GPT-4, it automates and streamlines the process, making it efficient and accessible. With advanced features and interactive guidance, PentestGPT empowers testers to identify vulnerabilities effectively, representing a significant leap in cybersecurity.
Tenable BurpGPT is a powerful Burp Suite extension that leverages OpenAI's advanced language models to analyze HTTP traffic and identify potential security risks. By automating vulnerability detection and providing AI-generated insights, BurpGPT dramatically reduces manual testing efforts for security researchers, developers, and pentesters.
Microsoft Security Copilot is a revolutionary AI-powered security solution that empowers cybersecurity professionals to identify and address potential breaches effectively. By harnessing advanced technologies like OpenAI's GPT-4 and Microsoft's extensive threat intelligence, Security Copilot streamlines threat detection and response, enabling defenders to operate at machine speed and scale.