- Performing Linux Password Resets [Step-by-Step]
- Prerequisites
- Performing a Linux Password Reset Using the Terminal
- Changing Your Password
- Resetting Another User’s Password
- Renewing a Group Password
- Performing a Linux Password Reset Outside the OS
- Booting to the GRUB Menu
- Resetting a Password in Recovery Mode
- Resetting a Password in Single-User Mode
- Conclusion
Performing Linux Password Resets [Step-by-Step]
Ransomware recovery test drive: This technical workshop is designed to take you behind the scenes and shows you how to adopt strategies to automate recovery, ensuring you’re ready to become a recovery hero. REQUEST YOUR LAB
Did you forget your Linux user password? Or worse, have you lost the root account password? Don’t worry; you don’t have to reinstall the operating system because of a lost or forgotten password. You can execute a Linux password reset quickly with a single command line or only a few steps.
Stop struggling with password reset calls and account lockouts in Active Directory. Get a FREE trial of Specops uReset.
Keep reading, and by the end of this tutorial, you’ll have learned the techniques to reset your password, another user, or even the root user password.
Prerequisites
This tutorial will be a hands-on demonstration. If you’d like to follow along, be sure you have the following:
- A Linux computer – This tutorial uses Ubuntu 20.04 LTS, but you can perform the same steps with any other Linux distribution.
- A user account with sudo privileges.
Performing a Linux Password Reset Using the Terminal
Most administrative tasks in Linux, if not all, requires running commands in the terminal, and password resets are no exception.
The terminal commands are standard among Linux distros, whether you’re changing your password, resetting another user’s password, or resetting a forgotten root account password.
The procedures in this section assume that you have already logged in to the Linux computer either locally or remotely via SSH.
Changing Your Password
To change your user account password, follow the steps below.
1. On the terminal, type passwd and press Enter to start the password change process.
2. At the next prompt, type your current user password and press Enter.
Don’t worry if you don’t see what you type in on the terminal. Typically, the terminal hides the password input or masks the password with a * or other character.
3. Next, enter the new password next to the New password prompt and press Enter.
4. Finally, retype the new password and press Enter to confirm. If the new passwords match, the system will change the password, and you should see an output similar to the one below.
Resetting Another User’s Password
Having multiple user accounts on a Linux machine is common, especially on servers. And other users, from time to time, need their Linux password reset. If you have sudo privileges, you can reset other users’ passwords, too.
You can also apply these steps to reset the root account password.
1. To reset another user’s password, run the command below in the terminal. Make sure to change the username to the target username of the password reset. The sudo command means that you want to run the passwd command that follows as a superuser.
For example, the command below will change the password for the username victor.
2. In the prompt, type in your user account password and press Enter. Doing so confirms that you are going to run the command as a superuser.
3. Next, enter the new password for the user whose password you want to reset and press Enter.
4. To confirm, retype the new password and press Enter. If both passwords match, you should get a notification that the user’s password has been updated successfully.
Until the user changes their password, you’ll have access to their user accounts — and this situation can be a security concern. As a workaround, you should immediately expire the user’s new password to force a password change on the next login attempt.
5. Finally, to force the user to change their password during their next login, run the command below in the terminal. The -e parameter will immediately expire the new password.
6. Give the user the new (temporary) password and advise of the force password change during their next login.
Renewing a Group Password
In Linux, a group can have a password. A user who is not a group member but knows the group’s password can temporarily access that group’s permissions. By its nature, a group’s password is a shared password, and a shared password may become compromised.
In such situations, you can reset the group’s password. To do so, follow these steps.
1. On the terminal, run the command below and press Enter. Make sure to change the groupname to the group’s name you want to reset the password. The gpasswd command allows administering groups, including changing a group’s password.
For example, the command below changes the password for the support-group group.
sudo gpasswd support-group
2. Now, type in the new group password and press Enter.
3. Finally, retype the new group password and press Enter. The system then changes the group’s password. If the change were successful, you will get no confirmation message and no errors, as you can see below.
Performing a Linux Password Reset Outside the OS
The procedures in this section require you to have physical access to the Linux computer, whether physical or virtual machine.
Linux distros have pre-OS modes where users can troubleshoot problems. These modes give you instant access to the root shell, giving you the power to reset the password of any user, including the root.
Booting to the GRUB Menu
There are many different bootloaders available for various Linux distros. The following instructions will depict using the GRUB bootloader, which you can find in mostly Ubuntu-based Linux distros. While the procedure may differ, the same general idea applies.
To gain access to the root shell, you first need to boot your computer into the GRUB menu. To do so, reboot the computer. While the computer is rebooting, hold down the ESC or Shift key until you see the screen similar to the image below.
Resetting a Password in Recovery Mode
Once you have entered into the GRUB boot menu, follow the steps below to reset a password in the recovery mode.
The procedure in this section assumes that you know the root account password if the root account has a password.
1. On the GRUB menu, press the down arrow once or until you highlight the Advanced options for Ubuntu option and press Enter.
2. On the next page, highlight the Ubuntu, with Linux (recovery mode) option and press Enter.
3. On the Recovery Menu that follows, highlight the root option and press Enter.
If the root account has a password, enter the root password at the prompt and press Enter. If the root account does not have a password, press Enter to enter the root shell prompt.
4. At this point, even though you have logged in to the root shell, you only have read-only access to the root partition. Before you can make any changes, remount the file system in read-write mode by running the mount command below.
5. Next, run the passwd username command and enter the new password twice, pressing Enter after each time.
To reset the root password, run the passwd command without a username.
6. To exit the recovery mode and reboot the computer, type reboot -f , and press Enter.
Resetting a Password in Single-User Mode
If the Linux computer doesn’t boot normally, you can boot the computer to the single-user mode (a.k.a., maintenance mode). In this mode, the system gives you low-level access and minimal functionality to the Linux machine allowing you to attempt troubleshooting.
Fortunately, the maintenance mode supports running password reset commands. Also, booting into maintenance mode does not ask for the root password, even if the root account has a password. Meaning, resetting forgotten root passwords is also possible inside the maintenance mode.
Follow the steps below to perform a Linux password reset in maintenance mode.
1. On the GRUB screen, press the arrow keys to highlight the Advanced options for Ubuntu option and press e to open the editor.
2. Once the editor is open, locate the line that starts with linux and contains the ro entry. ro means that the root partition will be read-only. Use your arrow keys to move the cursor.
3. Next, change the value from ro to rw . Doing so ensures that the root partition will be in read-write mode.
Move the cursor to the end of the file and append init=/bin/bash , as shown in the image below. This added command makes the computer boot directly into the shell instead of the operating system environment.
4. After editing the boot commands, press CTRL+X to boot the computer into the single-user mode root shell.
5. On the root shell, run the commands to reset the password root user or any other users on the computer.
To reset a user’s password, run the passwd username command where username is the target user. Enter the password twice, pressing Enter after each prompt.
To reset the root password, run passwd and enter the password twice, pressing Enter after each prompt.
Finally, after changing the password(s), restart the computer by running the reboot -f command.
Reduce service desk calls & update cache credentials for remote users even off VPN with a self-service password reset solution. Get a Demo of Specops uReset!
Conclusion
Losing your Linux password does not necessarily mean losing access to the system forever. You or someone else can perform a Linux password reset and ultimately let you back into the OS.
The next time you get into a password snafu, don’t fret, keep calm, and apply the knowledge you have gained in this tutorial to reset a lost or forgotten password.
Hate ads? Want to support the writer? Get many of our tutorials packaged as an ATA Guidebook.