X

This site uses cookies and by using the site you are consenting to this. We utilize cookies to optimize our brand’s web presence and website experience. To learn more about cookies, click here to read our privacy statement.

Built In’s Best Place to Work
SPR Named a Top Place to Work in 2024
FIND OUT MORE

12 Steps to Password Recovery for RHEL, CentOS 7 Linux

Author: Neil McGuffey Posted In: Custom Development, Digital Transformation
Jul 182017
Scores of padlocks hang from 5 cables

Forgot your RHEL 7 or CentOS 7 Linux root password? Did you recently inherit one of these systems but do not have a way to log in? If you have access to the console, be it physical or using whatever Hyper-Visor tools, you may be able to perform a root password recovery procedure.

Please note that this procedure must be performed from a console session. We also assume the system is using the default grub2 bootloader and grub is not being password protected. Lastly, this procedure cannot be accomplished over any SSH remote session. Being able to see the grub bootloader boot options is essential and using the procedure below, it can only be done through a console session.

1. Power up / reboot

The first step is to power up or reboot the system and edit the grub2 parameters. Timing here is critical. You must press ‘e’ before the menu times out and boots normally.
A screen shot of a computer screen displaying a password recovery process.

2. Linux16

Look for a line that mentions linux16 (or linuxefi if you are using UEFI bios). You may need to use the arrow keys to scroll down.  At the end of the linux16 or linuxefi line, find and replace the rhgb quiet parameters with rd.break enforcing=0

A screen shot depicting a computer screen with a red arrow pointing towards the password recovery option.

3. Start boot process

Once you have edited the parameters accordingly, hit CTRL-X to start the boot process with the new parameters. The system should boot into the root system.

A screen shot of a computer screen displaying a password recovery message.

4. Remount as read/write

Enter the following command to remount the sysroot filesystem as read/write: mount -o remount,rw /sysroot

A black and white photo featuring a man and a woman.

5. chroot into sysroot

Now we chroot into the sysroot, using the following command: chroot /sysroot

A screen shot of a computer screen displaying a text message regarding password recovery.

6. Change the password

We can use the passwd command to change the root password.
How to change password for user root in windows xp using password recovery.

7. Return to switch_root

Issue the following command to bring us back to the switch_root:/# prompt: exit

A screen shot of a computer screen displaying a password recovery message.

8. Remount to read-only

Enter the following command to remount the sysroot filesystem as read-only once again: mount -o remount,ro /sysroot

A black screen with white text displaying a password recovery message.

9. Exit the session

Now we can exit the session and allow the system to reboot using the following command: exit

10. Boot and login

Allow the system to boot normally and login as root using the new password that you set in step 6.

A screen shot of a computer screen displaying the password recovery process.

11. Clean up

We must clean things up a bit before rebooting again or doing anything else with the system. First, let’s update the /etc/shadow file by issuing the following command: restorecon /etc/shadow

A screenshot of a computer screen displaying a password recovery message.

12. Set SELINUX

Finally we set our SELINUX back to enforcing mode by issuing the following command: setenforce 1

An image of a computer screen displaying a text for password recovery.

You're on a roll! Try these next:

Robot sitting on a bench looking at a bookWriting Manual Tests for Easy Automation
CentOS 7 linuxlinux root password recoverypasswordpassword recoveryRHEL
Next How to Create a Scheduled Background WebJob in Azure