Resetting a Root Password in Linux without External Media

Resetting a root password in Linux is a critical system recovery technique that allows administrators to regain access to their system without external media. This method works by temporarily modifying the boot process to gain direct root shell access. We'll demonstrate this using CentOS 8.2, but these procedures work with most Linux distributions, though some Debian-based systems may require slight modifications.

Prerequisites

• Physical access to the Linux server (cannot be performed remotely over a network)

• Basic familiarity with the Linux command line environment

• Ability to work quickly during the boot process

Step-by-Step Password Recovery Process

Step 1 − Interrupt the Boot Process

Restart your computer and interrupt the boot process at the GRUB bootloader screen. Press and hold the Shift key immediately after the BIOS/UEFI screen appears. Timing is critical here − you must act quickly as the GRUB menu appears for only a few seconds.

Step 2 − Edit Boot Parameters

Once the GRUB menu appears, highlight the normal boot entry (usually the first option) and press 'e' to enter edit mode. This opens the GRUB parameter editor where you can modify boot options.

Step 3 − Modify Kernel Parameters

Using the arrow keys, navigate to the line beginning with linux or linux /boot/vmlinuz. Locate the parameters ro quiet splash $vt_handoff and replace them with rw init=/bin/bash.

• rw − Mounts the root filesystem as read-write

• init=/bin/bash − Starts the system directly into a bash shell instead of the normal init process

Step 4 − Boot with Modified Parameters

Press Ctrl + X to boot the system with your modifications. The system will start and drop you directly into a root shell without requiring authentication.

Step 5 − Change Root Password

Now that you have root shell access, change the root password using the passwd command:

passwd root

Enter your new password when prompted. You should see a confirmation message indicating the password was updated successfully.

Step 6 − Restart the System

Complete the process by restarting your system:

reboot

Your system will now boot normally, and you can log in using the new root password.

Alternative Methods

If this GRUB-based method doesn't work on your system, alternative approaches include:

• Using a Live USB/CD to mount the root filesystem and modify /etc/shadow

• Single-user mode recovery (available on some distributions)

• Emergency mode access through systemd targets

Security Considerations

This method highlights why physical security is crucial for Linux systems. Anyone with physical access can potentially reset passwords using this technique. Consider implementing:

• GRUB password protection to prevent unauthorized boot parameter modifications

• Full disk encryption to protect data even with physical access

• Secure physical access to critical servers

Conclusion

Resetting a root password through GRUB modification is an effective recovery method that requires only physical access to the system. By temporarily changing boot parameters to launch a root shell, administrators can quickly regain control of their Linux systems. Remember that this technique works on most Linux distributions but may require slight variations depending on your specific setup.