Omar
Infrastructure system engineer . Egypt

How to reset root password on Red Hat 7/8

Introduction

Root user or as we commonly say super user (privileged user) is the most dangerous user in our environment because of its powerful capabilities and authority, in fact there is no rule applied on the root user because simply it can neglect or delete any rule.

And as a result, experts advise not to log in as the root user to avoid any potential attacks that may happen and exploit the system, and of course with these privileges the harm will be inevitable.

One would ask, how can we use the commands that would need a certain privilege that exceeds the normal user?!

It`s a good legit question, and the answer is we grant the user to run commands with the root privileged via the sudo command by adding the user to wheel group.

wheel group

The wheel group is a special user group on some Unix systems that controls access to the su command, which allows a user to operate as another user (usually the super user), thus those who can use the super privilege are the sudoers.

Now to the main part, what if you forgot your root password or it got compromised?!!

To reset your root password in red hat Linux, you can try the following.

  • If you log in as the root user itself but want to reset the password

Prerequisite

  • You are able to log in or run the shell as root

Simply run the passwd command to change the password

Now, log out and sign in again with the new password to confirm the change

  • If you log in as a sudoer user that exists in the wheel group

Prerequisite

  • You are able to log in as a non-root user
  • You are a member of wheel group

Our user is not a wheel user yet

 So, to add a user to the wheel group, do the following

As we can see that unixcop now member of wheel group and can run commands that need super privileges

Here e are in unixcop user

At the time we can reset the root password via our normal user but must run the command started with sudo

The command executed perfectly, as a result the root password changed

Sign in to the root account with the new password so you confirm the change

  • If you log in as a non-privileged user

Prerequisite

  • You are able to log in as a non-root user

If you tried to reset the root password as a normal user it will fail, not only but report your failure attempt.

The Redhat Official Solution

Reboot your system then on the GRUB screen press e key

Press ctrl+e to jump to the end of the text then write rd.breake after the word quite

Press ctrl+x to start the system in the emergency mode

The file system is mounted as read-only in the /sysroot directory. Remounting the file system as writable allows you to change the password.

To enter the chroot environment which allows you to change the root password

Now you can reset the password simply by running passwd command

The root password successfully changed

Final step is to create a file with the name autorelabel to enable the SELinux relabeling process on the next boot

exit the chroot environment and exit the switch_root prompt

And wait for the relabeling and for the system to reboot

To verify the process try to login as the root (not recommended) or run the shell as root and enter the newly created password

Command

Conclusion

Root user is a very powerful yet a dangerous user due to its capabilities and privileges.

You must limit the access to this user by not log in as root as much as possible.

Password of the root user must be protected in a manner way, if this password got compromised you can reset it by the proper tools as we explained in our article.

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Latest articles

x