Skip to main content

Linux: Change forgotten root password with init=/bin/bash (change GRUB boot configuration), set GRUB password

330 words·
Linux root password GRUB
Table of Contents

The following tutorial changes the GRUB boot configuration to boot into a bash shell, bypassing the usual system startup process.

Change forgotten Root Password
#

Version 1
#

  • Reboot the Server
  • Hold “Shift” to open the GRUB Boot Loader
  • Select the OS that you want to boot into
  • Press “e” to open the boot loader configuration commands
  • Scroll down till you find the line that begins with “linux”
  • Change ro (read only) to rw and add the parameter init=/bin/bash
  • Boot with “Strg” + “x” or “F10”
  • Wait for the root prompt root@(none):/#
  • Change the root password with: passwd
  • Reboot the server with: reboot -f or exec /sbin/init

Version 2
#

  • Reboot the Server
  • Hold “Shift” to open GRUB Boot Loader
  • Select the OS that you want to boot into
  • Press “e” to open the boot loader configuration commands
  • Scroll down till you find the line that begins with “linux”
  • After ro add the parameter init=/bin/bash
  • Boot with “Strg” + “x” or “F10”
  • Wait for the root prompt root@(none):/#
  • Mount the system with: mount -n -o remount,rw /
  • Change the root password with: passwd
  • Reboot the server with: reboot -f or exec /sbin/init

Appendix
#

In the english and german keyboard layouts the folowing keys are interchanged:

English = German
- = /
´ = =


GRUB password protection
#

Set a GRUB password to prevent changes int the GRUB boot configuration.

Create encrypted password
#

# Create encrypted password
grub-mkpasswd-pbkdf2

# Shell output:
Enter password: # Define your PW
Reenter password: # Reenter your PW

PBKDF2 hash of your password is grub.pbkdf2.sha512.10000.DCF52086369F43B3B1A2C3133C384765C590AB5D783B039E80A7190D04DBE2B3BAE3C9558781A1F409B347B7B6193B34F651A0A526A329FB19155F66405A52AD.C0340AFC489D94480257B31956B51D0B1228ABD70F6CF5C62A2128B77FFFAF9067D326143E89A252B09835878649EAC29628870B9E5BA5D86D9288772507F09F

Add password
#

# Edit to GRUB custom entry file
sudo vi /etc/grub.d/40_custom

# Add the user and the encrypted password
set superusers="root"
password_pbkdf2 root grub.pbkdf2.sha512.10000.DCF52086369F43B3B1A2C3133C384765C590AB5D783B039E80A7190D04DBE2B3BAE3C9558781A1F409B347B7B6193B34F651A0A526A329FB19155F66405A52AD.C0340AFC489D94480257B31956B51D0B1228ABD70F6CF5C62A2128B77FFFAF9067D326143E89A252B09835878649EAC29628870B9E5BA5D86D9288772507F09F 

Update GRUB
#

# Update the GRUB configuration file
sudo update-grub

Reboot
#

Reboot the server with: reboot

After the reboot you are prompted to enter the username and password:

# Shell Output:
Enter username:
root # Enter your username
Enter password: