Recovering Lost Root Password

Video Activity
Join over 3 million cybersecurity professionals advancing their career
Sign up with
Required fields are marked with an *
or

Already have an account? Sign In »

Time
21 hours 25 minutes
Difficulty
Intermediate
CEU/CPE
21
Video Transcription
00:00
>> Hey there Cybrarians.
00:00
>> Welcome back to the Linux+ course here at Cybrary,
00:00
>> I'm your instructor Rob Goelz.
00:00
In today's lesson, we're going to be talking about
00:00
Recovering Lost Root Passwords.
00:00
Upon completion of this lesson,
00:00
you're going to be able to explain
00:00
the common reasons that
00:00
root password recovery might be needed,
00:00
as well as understand the general process
00:00
to recover a lost root password.
00:00
Most of the time a root password can be reset,
00:00
but just by using an account that has Sudo privileges.
00:00
We can use pseudo bash or SU-dash,
00:00
and then temporarily become root and reset the password.
00:00
However, you might find yourself in
00:00
a situation where privileged account is
00:00
unavailable and you may have
00:00
to conduct a root password recovery.
00:00
There are a few situations where this
00:00
might happen. It might have happened.
00:00
For example, maybe an administrator left and didn't
00:00
save or share the root password and
00:00
no one else has a privileged account,
00:00
we might also have old systems that exist
00:00
and no one remembers the root password to those either.
00:00
The process to recover a root password
00:00
varies a lot based on distribution,
00:00
and then systems that have SELinux
00:00
can also have a bit of a complicated process,
00:00
so definitely take a look at anything that's distro
00:00
specific in terms of
00:00
the process for resetting a root password.
00:00
But in terms of a general overview or
00:00
general steps to recover the root password,
00:00
it generally goes like this.
00:00
We can go ahead and reboot and then
00:00
select the grub menu line to edit by
00:00
hitting "Arrow Up" or "Arrow Down" on
00:00
the GRUB menu and then we type 'E' to edit that line.
00:00
What we're going to do is find the line that contains
00:00
Linux or Linux 16,
00:00
and on that line we're going to replace RO read-only
00:00
with RW init equals bin SH.
00:00
What this is going to do is it's going to mount root.
00:00
Then we hit "Ctrl+ X" to
00:00
start our system with the changes.
00:00
What's going to happen is it's going to drop you into
00:00
a root prompt known as single user mode.
00:00
In other words, you're going to be set up
00:00
in the system as the root user.
00:00
We can verify that that repartition is mounted as read
00:00
write by doing a mount and
00:00
doing a grep for that root partition,
00:00
and we need to make sure that that's
00:00
mounted right because we're changing the password.
00:00
It's going to update the exec
00:00
shadow file and things of that nature.
00:00
Once we verify that that root partition is in place,
00:00
we can do the root password reset
00:00
just like we normally do,
00:00
using the password command,
00:00
then we reboot the system by doing exec sbin init.
00:00
With that, in this lesson,
00:00
we cover the common reasons for root password recovery,
00:00
as well as the general process to
00:00
recover a lost root password.
00:00
Thanks so much for being here and I look
00:00
forward to seeing you in the next lesson.
Up Next