Reset Root Password in CentOS 7

Forgetting the password to the root account on your Linux machine can sometimes cause many issues, especially if there are no other accounts on the machine, or they do not have ‘sudo’ access. No worries however, we’ll show you how to reset your root password in this guide.

Fortunately, resetting the root password on CentOS 7 is not difficult. The only prerequisite needed to complete this task is console access – either physically or virtually. In this example, we will be resetting the root account password on a virtual machine located on a Proxmox hypervisor.

The method we’ll be using is one that has always worked well for us, and is fairly commonly seen across the internet.

Password Reset Steps:
  1. Restart your CentOS 7 machine. Quickest way would be to press CtrlAltDelete.
  2. By default, the GRUB menu should appear at boot-time. This allows you to select a kernel to boot into.
    Once it appears, press ‘e‘ to edit the kernel parameters.
    GRUB menu with default kernel selected
  3. Scroll down using your arrow keys to the line starting with ‘linux16‘. In the middle, you will see ‘ro‘.
    Editing boot parameters within GRUB
  4. Change this to ‘rw init=/sysroot/bin/sh‘.
    Editing boot parameters within GRUB
  5. Press ‘Ctrl-x‘ to boot into the operating system with the temporarily modified parameters. You will now enter an emergency shell (“single-user mode”).
  6. Run ‘chroot /sysroot‘.
    In short, this command changes the emergency shell’s root directory to appear as the operating system’s root directory, allowing us to run commands and edit files on the proper filesystem. If we did not run this command, we could end up changing the password of the root account of the emergency shell, which is useless to us.
  7. Run ‘passwd root‘.
    It will prompt you to enter a new password for the root account, and to confirm it.
  8. Run ‘touch /.autorelabel‘.
    This creates a file in the root directory that, upon rebooting, informs the SELinux subsystem to update the SELinux contexts across the filesystem.
  9. Run ‘reboot -f‘. This will immediately restart your machine.
    Running commands in emergency shell to reset root password
  10. You should now be able to log into the machine using the root account and the new password that you set.
    Picture showing successful authentication after changing root password in emergency shell

Ensuring your password is secure is important, but preventing brute force login attempts can help further secure your system. Learn to do so in the following post: https://blog.xenspec.com/change-the-ssh-port-in-centos-7/