Reset Linux Root password in under 5 minutes

If you are horrified to find out how easy it is to reset a Windows password, you are in for a treat. To reset the Linux root password you don’t even need a live distro. Going with the “if you have physical access to a computer, all bets are off” philosophy, resetting the Linux root password is as easy as they come.

There is more than one way to skin this cat, but I will show you one of the easiest options and how it’s done with Ubuntu. Though I haven’t tried it on every garden-variety Linux distro out there, to the best of my knowledge this works on all major Linux distros.

Prerequisite:

Being able to boot into recovery mode. With Ubuntu you actually get a prompt to boot into recovery mode or a different kernel version whenever you boot up.

Step 1:

Once you boot into recovery mode you will get a prompt with recovery options. Choose root (Drop to root shell prompt). Two minutes in and you already have root access to the box. Scary, huh?

Step 2:

Once you have root access in recovery mode you will need write access in order to reset or change the root password. Type this:

    mount -o remount,rw /

This will remount your root directory with read/write permission.

Step 3:

Type passwd and you will be prompted to type in a new root password and verify it by retyping it. If you want to reset a specific user’s password, just add the username: passwd username.

Sure, you can take steps to prevent someone from resetting your password so easily. But once someone has physical access to your Linux box with the default install options, this is as easy as it gets.
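
To check whether a machine is still open to the reset described above, the following shell script (an added example, not part of the original post) audits whether GRUB has a password, whether recovery entries are generated or left unrestricted, and whether any encrypted volume is configured. The function names and the default Ubuntu file paths are assumptions of this example.

```shell
#!/bin/sh
# Added example: audit the boot settings the recovery-shell reset relies on.
# Paths are arguments so the checks run on live files (as root) or on copies.

# True if grub.cfg defines a superuser and a password for it.
grub_has_password() {
    grep -Eq '^[[:space:]]*set[[:space:]]+superusers=' "$1" 2>/dev/null &&
        grep -Eq '^[[:space:]]*password(_pbkdf2)?[[:space:]]' "$1" 2>/dev/null
}

# True if a recovery entry is --unrestricted, i.e. boots with no GRUB
# password even though superusers is set.
recovery_unrestricted() {
    grep -E '^[[:space:]]*menuentry[[:space:]].*recovery mode' "$1" 2>/dev/null |
        grep -q -- '--unrestricted'
}

# True if /etc/default/grub turns off generation of recovery entries.
recovery_disabled() {
    grep -Eq '^[[:space:]]*GRUB_DISABLE_RECOVERY="?true"?[[:space:]]*$' "$1" 2>/dev/null
}

# True if crypttab lists a mapping (does not prove / itself is encrypted).
has_crypttab_entry() {
    grep -Eq '^[[:space:]]*[^#[:space:]]' "$1" 2>/dev/null
}

# audit_boot GRUB_CFG GRUB_DEFAULTS CRYPTTAB
# Prints one line per weakness; the return status is the number found.
audit_boot() {
    n=0
    if ! grub_has_password "$1"; then
        echo "WEAK: no GRUB password, boot entries can be edited"; n=$((n + 1))
    elif recovery_unrestricted "$1"; then
        echo "WEAK: recovery entry boots without the GRUB password"; n=$((n + 1))
    fi
    recovery_disabled "$2" ||
        { echo "WEAK: recovery menu entries are generated"; n=$((n + 1)); }
    has_crypttab_entry "$3" ||
        { echo "WEAK: no encrypted volume configured"; n=$((n + 1)); }
    return "$n"
}

# Default paths are the usual Ubuntu locations (assumed, override via args).
audit_boot "${1:-/boot/grub/grub.cfg}" "${2:-/etc/default/grub}" \
    "${3:-/etc/crypttab}" || echo "$? weakness(es) found"
```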









  • terpion

    Quicker to boot into “Single” mode and change root’s password with “passwd” command

    • mihi

      Single user mode runs sulogin (i.e. asks for the root password) on many distros. You could also add init=/bin/sh to the kernel command line if no recovery entry is in your bootloader, and then proceed with remounting your filesystem etc.

      General ways to make these methods harder for attackers (so that they take more than 5 minutes of access to e.g. your notebook) are adding passwords to your bootloader entries (at least the non-default ones) or for editing the kernel command line. Also add a password for entering the BIOS setup and remove removable drives from your default BIOS boot order.

      Hard disk encryption and/or setting an ATA disk password can also help (especially against stealing the whole disk with your data), but it also makes normal operation more cumbersome (may break suspend-to-disk and require input of more stuff on every boot).

  • http://www.ax11.de Tom

    Scary? No. Root passwords are basically there to prevent users from root access on a running machine. They are, of course, useless against attacks from physical access: no password will keep a bad guy with a screwdriver from stealing your disks. That’s what drive encryption is for – so good luck breaking some decent AES keys in five minutes, if you consider Loonix boxes as “insecure” now.

  • http://www.wissel.net/ Stephan H. Wissel

    Next step: read up on LUKS and encrypt your disks. Bearable with SSD.
