The root password reset option doesn't work for my Linode. How can I reset my root password?

Linode Staff

I tried to reset my root password via the cloud manager, but I am still getting a password denied error. How can I change my root password manually?

3 Replies

Hey there,

Sorry to hear that you are having trouble resetting your root password. This usually occurs if you are running an old or custom distribution. Since the root password reset feature isn't working for you, you can reset the root password of your Linode manually by following these steps:

  1. Reboot the Linode into rescue mode.

  2. When the Linode is rebooted, we will need to connect to the Linode via Lish

  3. Mount the disks, then chroot into the install:
    Once booted into rescue mode, you can mount /dev/sda, which is your root disk, with the following commands:

mkdir -p /media/sda
mount -o barrier=0 /dev/sda /media/sda
cd /media/sda
mount -t proc proc proc/
mount -t sysfs sys sys/
mount -o bind /dev dev/
mount -t devpts pts dev/pts/
chroot /media/sda /bin/bash

This should log us into the root user on your Linode. From here, you can simply change the password by running the command passwd. Once that is done, simply reboot the Linode into its normal configuration, and you should be set!

If you're trying to ssh in as root and getting the password denied message, first try logging in as root via lish, if that still doesn't work then follow Smccabe's instructions.

These instructions didn't quite work for me when attempting to reset my root password through Rescue Mode for a CentOS 8 system. That said, here's what did work.

Note: Only follow the below instructions if you are running CentOS 8 and the Cloud Manager's Password Reset functionality is not working for you.

  1. Boot into Rescue Mode using the Cloud Manager (see Rescue and Rebuild). Assign your main system disk to /dev/sda.

  2. After Rescue Mode (Finnix) boots up, open the console (Lish) and run the following commands, which will mount your disk, reset your password, and add an empty hidden file named ".autorelabel" to the root directory of the disk. Though the file is empty, the fact that it exists will trigger a process in SELinux (which is enabled by default on CentOS 8 systems using the upstream kernel) on the next boot.

    mount /dev/sda /mnt 
    chroot /mnt passwd
    touch /mnt/.autorelabel
    
  3. Reboot back into your normal system using the Cloud Manager. This cause SELinux to see the ".autorelabel" file and start the relabelling process. Since I'm not very familiar with what this process does, I encourage you to do your own research - especially if you have mission critical data on the disk. The boot will appear to be successful from the Cloud Manager, but, if you look in LISH, you'll see the relabelling start and then it'll go back to the main LISH screen (as if the system was off).

  4. Reboot/boot into your normal system again after the relabelling process completes. This reboot should be successful and your new password can now be used.

I'm not an expert on this and your mileage may vary, especially if you don't have SELinux enabled. Just wanted to share what worked for me in case others ran into the same thing!

Reply

Please enter an answer
Tips:

You can mention users to notify them: @username

You can use Markdown to format your question. For more examples see the Markdown Cheatsheet.

> I’m a blockquote.

I’m a blockquote.

[I'm a link] (https://www.google.com)

I'm a link

**I am bold** I am bold

*I am italicized* I am italicized

Community Code of Conduct