How To Reset Linux Password – Passwd Command Line Tutorial

by

Locked out of a standard Linux installation? Booting into recovery mode gives you root shell access to change any user password. This guide covers how to reset linux password using multiple methods, from recovery mode to live USB tools, so you can regain access quickly and safely.

Forgetting a password happens to the best of us. Whether you’re managing a server or a personal desktop, the process is straightforward once you know the steps. Below, we break down the most reliable techniques for resetting a Linux password, with clear instructions for beginners and advanced users alike.

How To Reset Linux Password

This section covers the core methods for password recovery. Each approach works on different Linux distributions like Ubuntu, Debian, Fedora, or CentOS. Choose the one that fits your situation best.

Method 1: Reset Password Using Recovery Mode (Grub)

Recovery mode is the easiest way to reset a password if you have physical or console access to the machine. It works on most Ubuntu-based systems.

  1. Restart your computer and hold down the Shift key (or press Esc on some systems) to open the GRUB boot menu.
  2. Select the kernel entry that ends with “(recovery mode)” and press Enter.
  3. From the recovery menu, choose “root – Drop to root shell prompt”.
  4. Your filesystem will be mounted as read-only. Remount it as read-write by typing: mount -o remount,rw /
  5. Now reset the password for your user account: passwd yourusername
  6. Enter a new strong password twice. You won’t see characters as you type.
  7. Type exit to return to the recovery menu, then select “Resume normal boot”.
  8. Log in with your new password.

If you don’t see the recovery mode option, you can manually edit GRUB entries. At the boot menu, press e to edit the selected kernel line. Find the line starting with linux and add init=/bin/bash at the end. Press Ctrl+X or F10 to boot. This drops you directly into a root shell.

Once in the shell, remount the filesystem with mount -o remount,rw / and run passwd yourusername. After changing the password, type exec /sbin/init to reboot normally.

Method 2: Reset Password Using A Live USB

When recovery mode isn’t available, a live USB gives you full access to the hard drive. This method works on any Linux distribution.

  1. Create a bootable Linux USB drive (Ubuntu or any live distro).
  2. Boot from the USB and select “Try Ubuntu” (or the live environment option).
  3. Open a terminal window.
  4. Identify your system’s root partition: lsblk or fdisk -l. Look for partitions like /dev/sda1 or /dev/nvme0n1p2.
  5. Mount the root partition: sudo mount /dev/sda1 /mnt (replace sda1 with your partition).
  6. Chroot into your system: sudo chroot /mnt
  7. Now reset the password: passwd yourusername
  8. Type the new password twice, then exit the chroot: exit
  9. Unmount the partition: sudo umount /mnt
  10. Reboot and remove the USB drive. Log in with your new password.

This method is foolproof because you have full control over the filesystem. Make sure you know the exact username you need to reset. If you forgot the username, check the /home directory while in the live environment.

Method 3: Reset Password Using Single User Mode (For Servers)

On enterprise Linux distributions like RHEL, CentOS, or Fedora, single user mode is the standard recovery method. It’s similar to recovery mode but uses a different boot parameter.

  1. Reboot the server and interrupt the GRUB boot process by pressing e on the kernel entry.
  2. Find the line starting with linux or linux16. At the end of that line, add single or 1 (without quotes).
  3. Press Ctrl+X or F10 to boot into single user mode.
  4. You’ll get a root shell. The filesystem is usually mounted as read-only. Remount it: mount -o remount,rw /
  5. Change the password: passwd yourusername
  6. Type reboot to restart the system.

For older systems using SysV init, you might need to use init=/bin/sh instead of single. The process is identical after that.

Method 4: Reset Password Using Systemd Rescue Mode

Modern Linux distributions use systemd, which includes a built-in rescue mode. This method is clean and doesn’t require editing kernel parameters.

  1. At the GRUB menu, press e to edit the kernel entry.
  2. Find the line starting with linux. At the end, replace quiet splash (or similar) with systemd.unit=rescue.target.
  3. Press Ctrl+X or F10 to boot. You’ll be prompted for the root password.
  4. If you don’t know the root password, use the previous method with init=/bin/bash instead.
  5. Once in rescue mode, remount the filesystem: mount -o remount,rw /
  6. Reset the password: passwd yourusername
  7. Type exit or press Ctrl+D to continue booting normally.

Systemd rescue mode is preferred on systems with encrypted partitions because it properly initializes the environment before dropping to a shell.

Method 5: Reset Password Using Init=/bin/bash

This is the most direct method and works on almost all Linux systems. It bypasses the normal init process and gives you a root shell immediately.

  1. Boot into GRUB and press e on the kernel entry.
  2. Find the line starting with linux. At the end, add init=/bin/bash.
  3. Press Ctrl+X or F10 to boot. You’ll get a root shell.
  4. The filesystem is mounted as read-only. Remount it: mount -o remount,rw /
  5. Reset the password: passwd yourusername
  6. If SELinux is enabled, you might need to run touch /.autorelabel after changing the password. This ensures the security context is updated.
  7. Type exec /sbin/init to reboot properly, or reboot -f for a forced restart.

Be cautious with this method on systems using full disk encryption. You’ll need to unlock the encrypted partition before you can access the filesystem. In that case, use the live USB method instead.

Method 6: Reset Password Using A Root Shell From Grub

Some GRUB configurations allow you to boot directly into a root shell without editing kernel parameters. This is rare but worth knowing.

  1. At the GRUB menu, press c to open the GRUB command line.
  2. Type ls to list available partitions. Find your root partition (e.g., (hd0,msdos1)).
  3. Set the root partition: set root=(hd0,msdos1)
  4. Load the kernel: linux /vmlinuz root=/dev/sda1 init=/bin/bash (adjust paths and device names).
  5. Boot with: boot
  6. You’ll get a root shell. Remount and change the password as described above.

This method is useful if your GRUB menu is corrupted or you want to avoid editing entries manually. It requires knowing your partition layout and kernel file names.

Common Issues And Troubleshooting

Even with clear steps, things can go wrong. Here are the most frequent problems and how to fix them.

Filesystem Is Read-Only

If you forget to remount the filesystem as read-write, the passwd command will fail with a “Read-only file system” error. Always run mount -o remount,rw / before changing the password.

Wrong Username

If you type the wrong username, the system will say “Unknown user.” Check the /home directory or /etc/passwd file to confirm the exact username. Use cat /etc/passwd | grep /home to list users.

Encrypted Home Directory

Some systems use encrypted home directories (e.g., eCryptfs). After resetting the password, you might need to re-encrypt the mount passphrase. Use the ecryptfs-recover-private command from a live environment to recover the data.

SELinux Or AppArmor Interference

Security modules can block password changes. If you see “Permission denied” errors, try running setenforce 0 temporarily (if SELinux is enabled) or disable AppArmor with systemctl stop apparmor. Remember to re-enable them after the reset.

Grub Password Protection

Some systems have a GRUB password set. You’ll be prompted for a password before you can edit boot entries. If you don’t know the GRUB password, you’ll need to use a live USB to bypass it. Boot from the live USB, mount the boot partition, and edit the /boot/grub/grub.cfg file to remove the password line.

Best Practices After Resetting Your Password

Once you’ve regained access, take these steps to prevent future lockouts.

  • Write down your password in a secure location, like a password manager.
  • Set up SSH key authentication for remote servers to avoid password-based logins.
  • Create a recovery user with sudo privileges as a backup.
  • Enable automatic updates to keep your system secure.
  • Test your new password by logging out and back in.

If you’re managing multiple servers, consider using a centralized authentication system like LDAP or FreeIPA. This way, you can reset passwords from a single dashboard.

Frequently Asked Questions

1. Can I reset a Linux password without rebooting?
No, most methods require a reboot to access recovery mode or a live environment. However, if you have sudo access, you can change another user’s password with sudo passwd username without rebooting.

2. What if I forgot the root password and the user password?
Use the live USB method. Boot from the USB, mount the root partition, and reset any user password, including root. You don’t need the old password.

3. Does resetting the password affect encrypted data?
If your home directory is encrypted with LUKS or eCryptfs, resetting the password won’t affect the encryption keys. You’ll still need the original encryption passphrase to decrypt the data. If you forgot that too, the data is likely unrecoverable.

4. How do I reset a password on a remote server?
If you have physical access, use the methods above. For remote servers, you’ll need out-of-band management (like iDRAC, iLO, or IPMI) to access the console. Alternatively, contact your hosting provider for a recovery console.

5. Is it safe to reset a password using recovery mode?
Yes, it’s safe as long as you follow the steps correctly. The process doesn’t modify any system files other than the password hash. Always use a strong, unique password after recovery.

Now you know how to reset linux password using six different methods. From recovery mode to live USBs, each approach is reliable and tested. Keep this guide bookmarked for emergencies, and always maintain a backup access plan for your systems.