Yesterday after setting up my CentOS 7 (minimal install) virtual machine, I forgot my administrator password. To make things worse, I didn’t give administrative privileges to the default user (one that you get to create while installing) either. So at the end, I basically ended up with a useless user account (ai yai yai!).
Luckily, as a fix, without reinstalling the operating system and using a special password recovery tool, I used a simple trick to bypass certain security measures for setting up (reset) a new administrator password in CentOS 7. Even though I did all this in a virtual machine, if confronted with a similar situation, one should be able to use what I did on an actual computer as well.
CentoOS 7 comes with systemd, so this method will only work on GNU/Linux distributions that use it (it’s what most newer ones use these days anyway).
If you don’t know whether your operating system use systemd or not, if you have user assess to it, then you can make sure it’s there by simply entering the below command into the terminal:
If it’s there, then it’ll print its version and some additional gibberish which mean you’re good to go.
So if you’re already logged in, then reboot your computer or if it’s turned OFF, turn it ON.
When the GRUB screen shows up (that’s the one you use to choose the operating system), choose the entry you usually use and rather than hitting the
Enter key, this time press ‘
e'(if you’ve set the GRUB menu delay to zero, then before GRUB loads up, press the
Shift key a couple of times, that should show its window).
That will bring you to a window similar to the below one (the output might change depending on the default settings of your distribution):
From here, simply scroll down (use the down-arrow) until you see a line that starts with
linux, although it can change depending on both the distribution and your hardware (it can be:
linuxefi, if your motherboard has UEFI support for instance), it should start with the keyword,
When your cursor has reached the beginning of this line, simply press the
End key. That will bring you to the end of this line. Now type in the below code (make sure to add a space first, if the
End key doesn’t add one automatically):
When done, press the
Ctrl + X keys and the system should begin to boot to our desired state, and it could take a few seconds (more or less, depending on the capability of your hardware).
When it’s done, it’ll take you a terminal session as shown below (the version numbers can change).
Now that we’ve successfully bypassed the administrator password based authentications, it’s time to reset it. For that, simply type in the below command into the terminal session:
You’ll be prompted twice to enter the new password.
Once done, also enter the below command. This is only needed if your system use ‘SELinux’ (a set of tools that further expand the existing permissive logic of GNU/Linux), but just enter it even if you’re not sure (no harm done):
Now we’re almost done. All we have to do is to simply reboot the computer. But if we just use the ‘reboot’ command here it will not work because we’ve entered into a simple/minimal command-line environment and that environment is not aware of all the commands and their paths of the system. So let’s first find where the ‘reboot’ command is located.
For that we can use the ‘whereis’ command, followed by the command name, the path of which we’re trying to find. When ready, enter the below command:
This will give you a couple of outputs (each separated by a single space). But here only take a note of the first line. In CentOS 7, as you can see, ‘reboot’ is located in:
/usr/sbin/reboot. But this can change from distribution to distribution.
Once you’ve figured out its path, simply type it into the terminal with the ‘-f’ argument (shown below) which will force the ‘reboot’ command to actually reboot the system.
Without it (-f), ‘reboot’ will simply pass the job to a different utility since it too is not present at this state, rebooting will fail (no need to take my word for it, use without it any see what happens 😀 )
Well, that’s it. Next time it boots, it will be a bit slow because of that
touch /.relabel command we entered previously as it forces the operating system to relabel the SELinux policies of the whole system. The second time it should boot normally, and when it’s done, you’ll see that you’re back in control (ahh, no other feeling like it!).
That’s one way to recover (reset) your lost administrator password in ‘Linux’. Good luck.