How to Change or Reset Forgotten Root Password in RHEL 9

Written by David Worthington on January 20, 2023

Share This Article


Contents


Jump to Tutorial

As a sysadmin, you’ll occasionally work on a system or inherit one with a root password that’s a mystery. Of course these situations always seem to occur at the worst possible moment, when you need immediate access. 

Thankfully, recovering a root password is not a complicated task. It can be accomplished in a few steps by accessing the kernel parameters from the GRUB bootloader.

In this guide, we’ll demonstrate how to change or reset a forgotten root password in RHEL 9.

Prerequisites

To successfully reset or change a forgotten root password in RHEL 9, you need physical access to the RHEL 9 system using a monitor and keyboard. This will help you to view and interact with the GRUB bootloader.

Step 1: Edit the Kernel Parameters

The first step is to boot into RHEL 9. Once the GRUB menu comes into view, press ‘e’ on the first boot entry to interrupt the boot process.

screenshot of code

Then you will be granted access to the kernel boot parameters. From here, you need to access “rescue mode.” 

To achieve this, locate the line that starts with linuxand navigate to the end. Next, include a space and append the following directive:

rw init=/bin/bash

This directive is used for system maintenance and allows a user to recover the system from corrupted initialization files or change a root password. 

The rw option mounts the root filesystem in “read-and-write” mode so that you can make the necessary changes to repair the system or reset a password.

screenshot of code

Next, press Ctrl + x to enter rescue mode.

Step 2: Reset the Root Password

Once you have accessed rescue mode, change the root password by running the command:

# passwd 

You will be prompted to provide the root password twice. So, provide your preferred new root password and confirm it.

Next, be sure to enable the SELinux relabeling process on the next system boot. Be careful and ensure you type the following command correctly:

# touch /.autorelabel

screenshot of code

Finally, reboot your system using either of the following commands (note, the shutdown command will capture a log of the action taken here):

# /sbin/reboot -f

# shutdown -r now ‘reset root password’

The system will restart and the SELinux autorelabeling process will commence as shown in the image below. This will take some time.

screenshot of code

Once the autorelabeling process is complete, the system will reboot once more, and this time around, let it boot uninterrupted.

screenshot of code

On the login prompt, provide your new root password in order to login. You can confirm that you are logged in as the root user as shown.

# whoami

screenshot of code

Conclusion

We have demonstrated how you can reset a forgotten root password on RHEL 9 using simple steps. 

As a precaution, you should always secure and limit physical access to your Linux system in order to prevent unauthorized users from changing the root password. Alternatively, you can encrypt your drive to add an additional layer of protection.

cross-platform management

Secure & Manage Linux Systems

Cross-OS device management for the modern organization

David Worthington

I'm the JumpCloud Champion for Product, Security. JumpCloud and Microsoft certified, security analyst, a one-time tech journalist, and former IT director.

Continue Learning with our Newsletter