Reset a forgotten root password using a live distribution

Tested on

Debian (Lenny)
Ubuntu (Lucid, Maverick)

Objective

To reset the root password of a machine when it has been forgotten.

(This method is also applicable where the machine is administered from some other account using sudo, as is the default on Ubuntu.)

Scenario

You are unable to log into the root account of a machine because you have forgotten the password. The machine has one hard drive with the following partitions:

Method

Overview

In order to reset the password you need to mount the root filing system of the machine to be recovered, but without booting the operating system on that partition. A convenient way to do this is by means of a live GNU/Linux distribution: one that can be booted from a removable medium without being installed on the machine. It will need to:

A current version of Ubuntu or Knoppix will suffice for most purposes, but for specialised requirements you may need to look further afield (or even build your own). It is possible to recover a 32-bit (i386) system with a 64-bit (amd64) distribution, but not vice versa.

Boot into the live distribution

In order to boot into the live distribution you may need to reconfigure the BIOS to ensure that the machine boots from the relevant removable device in preference to the hard drive. Remember to revert any such changes when you have finished.

Mount the root partition

Mount the root partition of the system to be recovered:

mkdir /mnt/recover
mount /dev/sda2 /mnt/recover

It should not be necessary to mount any other partition unless you have an unusual configuration. Note that the live distribution will not necessarily assign the same device name to each hard drive as the system being recovered (but it should assign the same partition numbers).

chroot into the root partition

The chroot command allows you to move the filesystem root to some subdirectory of the current root. In this case you want to move it to /mnt/recover:

chroot /mnt/recover

This effectively makes you the root user of the system to be recovered. For example, the file that was /mnt/recover/etc/passwd now appears as /etc/passwd. Any commands you execute will use binaries from the hard drive, not the live distribution.

Change the root password

As the root user of the system to be recovered you should now be able to change the root password in the normal manner:

passwd

The passwords for other local accounts can be changed similarly:

passwd user

Because you are root, it should not be necessary to enter the previous password.

Note that passwords provided by a remote authentication protocol such as Kerberos or LDAP cannot be reset using this method.

Exit from the chroot

You can exit from the chroot shell in the same way as any other shell, for example using the exit command:

exit

or by pressing control-D.

Unmount the root partition

umount /mnt/recover

Variations

Directly editing the password file

It is possible to achieve the same effect by directly editing the password file. This is significantly more risky than using the passwd command, but may prove useful if you can edit files but are unable to execute binaries.

The file you need to edit is /etc/passwd. Each line is a colon-separated list of fields, the first two of which are the username and password for an account. Here is a sample:

root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/bin/sh
bin:x:2:2:bin:/bin:/bin/sh
sys:x:3:3:sys:/dev:/bin/sh

In each of the four entries in this example the password field is set to ‘x’, meaning that the encrypted password can be found in /etc/shadow. If you replace the ‘x’ (or whatever else is in the second field) with the empty string then no password will be needed:

root::0:0:root:/root:/bin/bash

It would be prudent to make a backup of /etc/passwd before making any changes, because the mapping between usernames and UIDs would be very tedious to reconstruct if it were lost. You should also consider isolating the machine from any networks while it is without a root password, as it will obviously be very insecure during this period.

The ‘x’ should be re-inserted before setting a new root password, otherwise the new password will be stored in /etc/passwd instead of /etc/shadow.
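
A check to run once the editing is finished, added here as an example and not part of the original page: it reads a passwd-format file and reports every account whose second field is empty or holds anything other than ‘x’. The function names, the output labels and the sample account alice are assumptions made for the illustration.

```shell
#!/bin/sh
# Added example (not from the original page): audit the second field of a
# passwd-format file, e.g. /mnt/recover/etc/passwd after a manual edit.

# audit_passwd FILE
# Prints one line per entry whose password field is not 'x':
#   EMPTY:<user>      empty field, so no password is needed to log in
#   INLINE:<user>     some other value is stored in passwd itself
#   MALFORMED:<line>  entry does not have the seven colon-separated fields
# Returns 0 when every entry defers to /etc/shadow, 1 otherwise.
audit_passwd() {
    awk -F: '
        /^[[:space:]]*$/ { next }
        NF != 7   { print "MALFORMED:" NR; bad = 1; next }
        $2 == ""  { print "EMPTY:" $1; bad = 1; next }
        $2 != "x" { print "INLINE:" $1; bad = 1 }
        END       { exit (bad ? 1 : 0) }
    ' "$1"
}

# Constructed sample: the page's four entries with root's field emptied, plus
# a hypothetical account "alice" whose (placeholder) hash sits in passwd.
write_sample() {
    cat > "$1" <<'EOF'
root::0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/bin/sh
bin:x:2:2:bin:/bin:/bin/sh
sys:x:3:3:sys:/dev:/bin/sh
alice:$6$SALT$PLACEHOLDERHASH:1000:1000:Alice:/home/alice:/bin/bash
EOF
}

# With an argument, audit that file; with none, audit the constructed sample.
if [ "$#" -gt 0 ]; then
    audit_passwd "$1"
else
    sample=$(mktemp)
    write_sample "$sample"
    audit_passwd "$sample" || echo "fix these before reconnecting the machine"
    rm -f "$sample"
fi
```

From the live distribution, pass /mnt/recover/etc/passwd as the argument before unmounting the root partition.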