Help! I deleted my root user. How can I fix this?

Linode Staff

I tried to disable root account to improve the safety and deter anonymous remote root password guess for logins.
However, I found sudo doesn't work anymore after I disabled the root user.
I changed the user from root to #root in /etc/passwd.
Can you help change back?

2 Replies

I was able to find this guide from The Geek Diary on recovering a deleted root entry in /etc/passwd. While yours is only commented out, the steps are nearly identical; instead of adding the entry back in, you'll just be uncommenting it.

That guide recommends booting into single user mode first to make the switch while the bootloader is showing. This is a little tricky being on a remote machine like a Linode, so you'll have to be quick. I was able to get into single user mode by doing the following:

  • Reboot your Linode from the Cloud Manager
  • Immediately after the reboot has completed, click "Launch Console." There is only a 5 second window here before the system boots normally.
  • If the Lish console has loaded with the bootloader showing, click in that window and hit any key immediately to cancel the timer. If it already looks like it started the boot process you'll have to reboot and try again.
  • Now we can move a little slower. Highlight the option corresponding to your distribution (not the "Advanced options" selection), and hit e on your keyboard
  • You should see your boot arguments at this point. Find the line that starts with linux and move your cursor to the very end. Add a space and enter the number 1 to specify we want to boot into single user mode. Hit ctrl + x to load into your Linode.
  • If all goes well, you should be prompted for the root password. From here you can undo your changes in /etc/passwd.

From there I would check out the steps in the Securing your Server Guide to disallow root access over SSH. You can prevent root logins this way without tinkering with the root user. The file you'll want to modify is your /etc/sshd_config file; change the line that says #PermitRootLogin yes to PermitRootLogin no, simple as that!

Pardon my ignorance but wouldn't booting to rescue mode, mounting the disc volume and just editing /<volume_mount_point>/etc/passwd be a lot easier (and faster)?

-- sw

Reply

Please enter an answer
Tips:

You can mention users to notify them: @username

You can use Markdown to format your question. For more examples see the Markdown Cheatsheet.

> I’m a blockquote.

I’m a blockquote.

[I'm a link] (https://www.google.com)

I'm a link

**I am bold** I am bold

*I am italicized* I am italicized

Community Code of Conduct