Have you ever forgot the root password of your server?
Mariann Csorba

Have you ever forgot the root password of your server?

Mariann Csorba

We are all human beings and do not work like flawless creatures of artificial intelligence, we are prone to make mistakes and forget things. Although, sometimes we forget crucial information which might be essential to our daily life, like the root password of our server. For a sysadmin it can be a real disaster if s/he cannot log into the server. What can you do if this happens with you? Follow our easy step by step instructions, which will solve this matter.  Save this list and you will never have to stress about the lost or forgotten password again.





First of all, if you forget the root password of your Debian system, do not panic! We have several solutions that you can execute with ease.:

Password Reset Using “Grub”:


Version A

  • Restart your server and press “Shift” for a long time during the boot, in order to access Grub.
  • Press the down arrow and choose “recovery mode”
  • After this, the booting process starts and you will see the recovery mode. With the aid of the down arrow, choose the “root” line and press Enter.
  • Now, write this command: passwd (insert your username here) . 
  • The program will ask for a new UNIX password, and its confirmations.
  • Finally, enter reboot, and you are all set :)


Version B

Boot into Grub, select “single user” but do not press enter.

  • Press “e” to go into edit mode.
  • Scroll down to the kernel line you will boot from, it starts with “linux /boot/vmlinuz-…….”
  • Scroll to the end of that line and press “space”  once and type init=/bin/bash
  • Press Ctrl X to boot

# Remount / as Read/Write

mount -rw -o remount /

# Change the root account password with:


# Change any other account password with:

passwd (insert the username here)

# type new password, confirm and hit enter, then reboot.




Password reset with Live CD or USB


  • Boot the server from a portable data medium.
  • Attach the drive.
  • Press ALT+F2 key combination to view the “running applications” window.
  • Write gksu nautilus command to run the taskmanager as root.
  • Open the root directory of the attached driver and enter to the etc directory
  • Look for the file called “shadow” and create a backup just for the sake of security.
  • Edit the original file: Search the user who forgot the password.
  • It should look like the following:

          username:$1$2abCd0E or


  • Delete the characters between the first and second colon, which will erase the password of the user.
  • As a second option, you can change the characters.
  • Save the file and reboot the server.


Resetting the root account password in a Container


This works flawlessly on Ubuntu 14.04.4 LTS:

  • In the script that rebuilds the container (which should be running on the “host”), add these lines:
  • $PASS='’
  • echo -e “$PASS\n$PASS” | sudo docker exec -i passwd

We hope these tips will help you and you do not have to worry about accessing your server again. Do you have any other solutions to handle this situation? Don’t hesitate, share your tricks with us anytime!

Share your ideas with us about this article

Previous posts

Our user greylisting feature is one year old
It has been exactly a year now since we released our user greylisting feature. We have received feedback from you that has helped us to develop all of our modules and features. Thank you for all of your past cooperation and for your current support, and for using BitNinja daily. The user greylisting feature has been proved quite efficient, as most of our clients are using it every day. Our support staff received lots of requests from clients to manage the greylisted IPs on their own servers before we began this development. Fortunately, we could successfully cope with this issue and our magica...
The most common attacks against websites
I’m sure you’ve heard about the recent headlines about the hacked cameras with the system default passwords or how IoT (Internet of Things) devices can serve as botnets in huge DDoS attacks against the most frequently visited websites. One of these kinds of attacks was a DDoS attack against Dyn, the internet infrastructure company responsible for routing internet traffic. It caused outages in multiple large traffic websites like Twitter, Netflix, Reddit, Spotify, and Tumblr. In the case of a worse kind of black Friday, these websites were inaccessible for a couple of hours.   &n...