How to reset forgotten root password on CentOS 7 / CentOS 8

Prerequisites

You need to have console access to the node via a hypervisor if it's a VM or physical access if it's bare metal.

Step 1: Reboot the node

We need to access the grub bootloader so we need to reboot or stop/start the node and open the node console to interact with it.

Step 2: Edit grub bootloader

When you see kernel options like the screenshot below, press E on the selected kernel to edit the grub bootloader script.

This prompt is timed so If you miss it, you will need to reboot again. You can hit up or down arrow keys to stop the timer so you don't have to worry about missing the prompt.

Find the kernel line starting with linux16 for CentOS 7 or linux on CentOS 8.

Change ro (readonly) to rw (read/write) and add init=/sysroot/bin/sh after it. See the highlighted text in the screenshot below and compare it with the screenshot above.

After you made the changes press CTRL + X to boot in single user mode

Step 3: Change root dir to /sysroot

After the server is booted, run chroot to change apparent root dir to /sysroot and make it the path for executing commands

chroot /sysroot

Step 4: Change the root user password

Run passwd:

passwd

It will prompt you for the new password, enter a new password for the root user.

Step 5: Relabel the filesystem for SELinux

touch /.autorelabel

This will tell SELinux that the filesystem has changed so that SELinux load the new changes on the next reboot

Step 6: Exit the chroot environment

exit

Step 7: Reboot

reboot

You should be able to login with the new root password after the system boots.

Conclusion

We can easily recover the root password for CentOS 7 / RHEL 7 and CentOS 8 / RHEL 8. All we need to have is console access to the node. In this tutorial we covered how to reset the root password for CentOS / RHEL nodes.

RECENT POSTS

Table of Contents