Harley Hahn
Home Page

Send a Message
to Harley

A Personal Note
from Harley Hahn

Unix Book
Home Page

List of Chapters

Table of Contents

List of Figures

   1   2   3
   4   5   6
   7   8   9
  10  11  12
  13  14  15
  16  17  18
  19  20  21
  22  23  24
  25  26


  A  B  C
  D  E  F
  G  H


• Alphabetical
• By category



Errors and



Home Page
& Overview

& Answers

The Unix Model
Curriculum &
Course Outlines

PowerPoint Files
for Teachers

Appendix E...

What to Do If You Forget the Root Password

When you use your own Unix system, you are the system administrator, which means there is no one to help you if something goes wrong.

So what do you do if you forget the root (superuser) password?

Here are the steps to follow to solve this problem for a typical Linux system. The actual details may vary a bit from one system to another, but what you read here should work with most modern Linux distributions.

I won't explain all of the commands in detail, because that would take us into the realm of system administration, which is beyond the scope of this book. If there is a command you don't understand, just look it up in the online manual or ask someone for help.

If you have sudo privileges (see Chapter 6), you may be able to change the root password quickly by using the command:

sudo passwd root

You will find that more elaborate measures are necessary if you don't have sudo privileges, or if your system is configured in such a way that sudo will not let you change the root password.

The general strategy is to take control of the computer by booting from a live Linux CD. Then mount the main (root) file system that resides on your hard disk. Once this is done, you can use the mount point as the root of the file system, and then change the root password with the standard passwd program.

  1. Boot Linux from a live CD.
  1. Press <Crtl-Alt-F1> to get to a command line.
  1. Change to superuser:

sudo su

  1. Start the partition table editor:


(If your system does not have parted, you'll have to use another partition editor such as fdisk, cfdisk or sfdisk.)

  1. Within parted, display the partitions on your primary hard disk:


  1. Write down the device name for the hard disk that contains your Linux system, most likely /dev/hda or /dev/sda.
  1. Write down the number of the root partition, for example, partition number 2.

If you are not sure which is the root partition, look for a file system type of ext3, ext2, reiserfs or xfs. If there is more than one such partition, write down all their numbers.

  1. Stop the parted program:


You should now be back at the shell prompt.

  1. Create a mount point for the file system that resides on the hard disk. (In this example, I will call it harley):

mkdir /mnt/harley

  1. Mount the root file system from the hard disk by using the device name and partition number you got from parted. For example, if your device name was /dev/hda and your partition was number 2, you would use the command:

mount /dev/hda2 /mnt/harley

If, in step 7, you found more than one possible partition, choose one of them. If it doesn't work, you can try another.

  1. Confirm that you have mounted the root partition. To test this, see if the shadow file (/etc/shadow) — the file that contains the passwords — lies in that partition:

ls /mnt/harley/etc/shadow

If the password file isn't there, you have not mounted the root partition. Go back to step 10 and try a different partition. Continue until you have successfully mounted the root partition.

  1. Change the root password on the hard disk system.

There are various ways to do this. The simplest strategy is to run the passwd command using the new mount point as the root of the file system. This can be done with one simple command:

chroot /mnt/harley passwd

This chroot (change root) command means: "Change the root of the file tree temporarily to /mnt/harley, and then execute the command passwd."

Since you are in superuser mode, the passwd command will change the root password. And since the file system root is temporarily /mnt/harley, the password file that will be used is the one on the hard disk (/mnt/harley/etc/shadow).

In this way, you are able to change the root password for the system on the hard disk.

  1. Remove the CD, reboot from the hard disk, and test to make sure the password was changed correctly.

What's in a Name?


Within Unix, the name "root" has four different meanings:

  • The userid of the superuser.
  • The name of the directory that is the starting point of the Unix file tree.
  • The name of the main Unix file system.
  • The name of the disk partition that contains the root file system.

Notice that, within the short set of instructions in this appendix, we have managed to use the word "root" in all four ways.

That is, we mounted the root file system that resides in the root partition, in order to make the mount point the root of the Unix file tree so we could change the root password.

Jump to top of page