December 07, 2004

Linux Clues: Lost Password? No Problem!

Losing your Linux user password isn't the end of the world. In fact, it's relatively easy to recover from a lost password. Here's how it's done.

Courtesy of Linux Pipeline

What if one day you sat down to your computer, and couldn't remember your user password? It could happen. Senior moments, blonde moments, Mom's-heimers -- call it what you will -- but every so often the humans among us lose random bits of data. And, because it's bad security (or rather no security) to write down your passwords, here's how you can login despite the forgotten password.

IMPORTANT: The tips in this document require the use command-line commands. For more information about how to read and execute Linux command-line prompts and commands, please check the Linux Clues' Linux Cheat Sheet, especially Linux Prompt Basics and Linux Command-Line Nomenclature.

Lost User Password
So you forgot your user password, eh? The following steps assume you've forgotten your user password but remember your root password. If you don't remember your root password, skip down to that section.

Start by logging in as root. (If you're not sure how to do that, read Logging in and out as Root in the Linux Clues' Linux Cheat Sheet) Next, open a terminal or console and type the three lines that follow. (Remember, don't type the pound symbol, that shows you're logged in as root.)

# passwd {type your username here without the curly brackets}
Type in a new password    (Ignore the error message you'll probably get.)

Type in the new password again.

Log out as root and back in as user with your new password.

Of course, this fix assumes you remember your root password. What do you do if you forget your root password? Not possible? Ok, just imagine you disappear on a fantastic vacation, sans PC. (It COULD happen.) Let's say you spend a glorious two weeks of baking your brains in the sun, or hiking up the sides of mountains viewing stunning vistas. Day after day after day. Then after 14 days of this you head back home, where you power up the PC, go to login and have brain fade trying to remember your root password. What should you do? Well, we'll show you.

Lost Root Password
IMPORTANT: Physically disconnect your PC from the network and the Internet -- pull the Ethernet cable out, eject the wireless card, whatever. Just make sure you're offline. This is to protect your PC from possible Internet-borne attack while you're repairing the password. Please heed this warning and follow this safety procedure. Linux is vulnerable during these steps.

Follow this two-step process. Because the first step varies from distro to distro, we're presenting several alternatives, including an advanced version. The second step is pretty much the same across the board.

Step 1: Red Hat and Mandrake
Start with install CD #1 and boot with it. As the first screen appears, press F2 and type:

rescue    (Type "linux rescue" for Red Hat.)

The computer should boot into rescue mode. The screen will display several options. Select: "mount the existing partitions" and go to the shell/console prompt. (Mandrake users: Boot into "failsafe" from the Lilo menu instead.)

Step 1: SuSE
Boot from your first install CD and press F1 at the first screen, then choose "Rescue System" from the menu and at the prompt type:

root    (You do not need a password.)

Step 1: Other Distros
Boot from your first install CD (or any live CD like Knoppix) and at the boot prompt type:

linux single    (For Knoppix type "knoppix single" without the quotes.)

The computer will boot in single user mode. You will see an odd looking prompt that might look something like: "sh-2.05b#".

Step 1: Advanced Alternative

If you're a regular reader of Scot's Newsletter and you carried out the Rescue CD Linux Explorers tip from the last newsletter issue, you already have a Linux rescue CD, which is required for this alternative to Step 1.

By booting with your rescue CD (or to a live Linux CD, such as Knoppix), you can bypass Step 1, mount the partition and, while logged in as root, skip right to Step 2 and make the changes to the files Step 2 requires.

Step 2
After following Step 1 as appropriate, type the following at the prompt:

# cd /etc    (For Knoppix, first you must change directory to the partition with your lost-password distro.)

Step 2 requires you to make changes to these two files: "passwd" and "shadow." Type this line:

# vi passwd    (This opens the file with the Vi editor.)

Next, press the I key, which places the Vi editor in Insert mode.

For more on the Vi editor, see the Vi Editor edition of Tips for Linux Explorers.

The first line of the passwd file will probably look like this:

root:x:0:0:root:/root:/bin/bash

Carefully delete the "x" after "root:" being sure to leave the colons in place. The first line should now read:

root::0:0:root:/root:/bin/bash

Save the file by pressing the Escape key and then typing:

ZZ

To edit the second file, type:

# vi shadow

Press the I key to place the Vi editor in Insert mode.

The first line of the shadow file is a long scrambled string of characters. Change it to:

root::::    (That's four colons.)

Save the file by pressing the Escape key and then typing:

ZZ

Now you can reboot your computer. Log in as your normal user, open a console, and type:

$ su
# passwd

And set the new root password. Log out as root:

Ctrl-D

And the job is done!

Congratulations! You've now reset your lost password. You should plan on never, ever going on another extended vacation again (or getting older, or having kids, and so forth) -- so this will never happen again. After all, there's nothing more important than Linux. Right? Priorities, people!

Sources
Linux Clues appears courtesy of LinuxClues.com and Bruno of Amsterdam, lead moderator of the popular All Things Linux forum at Scot's Newsletter Forums. Bruno is helped by All Things Linux co-moderators Peachy and Teacher, as well as other forum members who have posted in the highly useful Tips for Linux Explorers thread (from which LinuxClues.com and the For Linux Explorers section of Scot's Newsletter are adapted).

Check out all the other useful installments of LinuxClues.com, which will also be appearing on Linux Pipeline in the weeks to come.

LinuxClues.com is edited by Cyndy, and copyedited by Scot.