The root password reset option doesn't work for my Linode. How can I reset my root password?
I tried to reset my root password via the cloud manager, but I am still getting a password denied error. How can I change my root password manually?
4 Replies
Hey there,
Sorry to hear that you are having trouble resetting your root password. This usually occurs if you are running an old or custom distribution. Since the root password reset feature isn't working for you, you can reset the root password of your Linode manually by following these steps:
When the Linode is rebooted, we will need to connect to the Linode via Lish
Mount the disks, then chroot into the install:
Once booted into rescue mode, you can mount /dev/sda, which is your root disk, with the following commands:
mkdir -p /media/sda
mount -o barrier=0 /dev/sda /media/sda
cd /media/sda
mount -t proc proc proc/
mount -t sysfs sys sys/
mount -o bind /dev dev/
mount -t devpts pts dev/pts/
chroot /media/sda /bin/bash
This should log us into the root user on your Linode. From here, you can simply change the password by running the command passwd
. Once that is done, simply reboot the Linode into its normal configuration, and you should be set!
If you're trying to ssh in as root and getting the password denied message, first try logging in as root via lish, if that still doesn't work then follow Smccabe's instructions.
These instructions didn't quite work for me when attempting to reset my root password through Rescue Mode for a CentOS 8 system. That said, here's what did work.
Note: Only follow the below instructions if you are running CentOS 8 and the Cloud Manager's Password Reset functionality is not working for you.
Boot into Rescue Mode using the Cloud Manager (see Rescue and Rebuild). Assign your main system disk to /dev/sda.
After Rescue Mode (Finnix) boots up, open the console (Lish) and run the following commands, which will mount your disk, reset your password, and add an empty hidden file named ".autorelabel" to the root directory of the disk. Though the file is empty, the fact that it exists will trigger a process in SELinux (which is enabled by default on CentOS 8 systems using the upstream kernel) on the next boot.
mount /dev/sda /mnt chroot /mnt passwd touch /mnt/.autorelabel
Reboot back into your normal system using the Cloud Manager. This cause SELinux to see the ".autorelabel" file and start the relabelling process. Since I'm not very familiar with what this process does, I encourage you to do your own research - especially if you have mission critical data on the disk. The boot will appear to be successful from the Cloud Manager, but, if you look in LISH, you'll see the relabelling start and then it'll go back to the main LISH screen (as if the system was off).
Reboot/boot into your normal system again after the relabelling process completes. This reboot should be successful and your new password can now be used.
I'm not an expert on this and your mileage may vary, especially if you don't have SELinux enabled. Just wanted to share what worked for me in case others ran into the same thing!
I have my Linode booting from a block storage volume. Does the answer provided by Smccabe above work in my case?