How to Reset Forgotten or Lost Root Password in Fedora

Read Time: 1 minCategories Fedora 13 Comments

A Linux system administrator can quickly reset a user forgotten password using passwd command, but what happens if the system administrator itself forgets the root password? In this article, we will explain how to reset a forgotten or lost root user password in Fedora Linux distribution.

Note that to reset the lost root user password, you must have physical access to the Fedora machine in order to access Grub settings to reset and reboot the machine. Additionally, if your Fedora system is encrypted, you will also get to know the LUKS passphrase.

Edit the Fedora GRUB Settings

To edit the Fedora Grub settings, you need to interrupt the boot process by restarting the Fedora machine and press E on your keyboard when you see the following GRUB menu:

Fedora Grub Menu
Fedora Grub Menu

After pressing E on your keyboard, you will get the following screen.

Edit Fedora Grub Settings
Edit Fedora Grub Settings

Use your keyboard arrow keys and go to the line linux as shown.

Go to the line Linux" in Grub Settings
Go to the line Linux” in Grub Settings

After finding the linux line, remove rhgb quiet and replace with the following.

rd.break enforcing=0
Edit Fedora Grub Boot Settings
Edit Fedora Grub Boot Settings

Once you have done with editing the line, press Ctrl-x to save and start the system.

Note: Adding enforcing=0, bypass performing an entire system SELinux relabeling. Once the system is restarted, restore the appropriate SELinux context for the /etc/shadow file as explained below in this article.

Mounting the Fedora Filesystem

Once the system started in emergency mode, you need to remount the hard drive with read-write permission using the following command on the terminal.

# mount -o remount,rw /sysroot
Mount Fedora Drive in Read & Write Access
Mount Fedora Drive in Read & Write Access

Set Forgotten Root Password in Fedora

Now run the following chroot command to access the Fedora system.

# chroot /sysroot

You can now reset the forgotten or lost Fedora root user password using passwd command as shown.

# passwd

Enter the new root user password twice when asked. If you are successful, you should get a message that all authentication tokens updated successfully as shown.

Reset Fedora Root User Password
Reset Fedora Root User Password

Type exit, twice to reboot the system.

Set SELinux Context on Shadow File

Log in as root user and type the following command to restore the SELinux label on the /etc/shadow file.

# restorecon -v /etc/shadow

Turn SELinux back to enforcing mode.

# setenforce 1

That’s all! If you face any issues while resetting forgotten or lost Fedora root user password, do ask in the comments section below.

Hey TecMint readers,

Exciting news! Every month, our top blog commenters will have the chance to win fantastic rewards, like free Linux eBooks such as RHCE, RHCSA, LFCS, Learn Linux, and Awk, each worth $20!

Learn more about the contest and stand a chance to win by sharing your thoughts below!

Previous article:

Watchman – A File and Directory Watching Tool for Changes

Next article:

2 Ways to Create an ISO from a Bootable USB in Linux
Photo of author
Ravi Saive
I am an experienced GNU/Linux expert and a full-stack software developer with over a decade in the field of Linux and Open Source technologies

Each tutorial at TecMint is created by a team of experienced Linux system administrators so that it meets our high-quality standards.

Join the TecMint Weekly Newsletter (More Than 156,129 Linux Enthusiasts Have Subscribed)
Was this article helpful? Please add a comment or buy me a coffee to show your appreciation.

Related Posts

13 Comments

Leave a Reply

  2. This was very useful and worked as described, with no difficulties.

    When I use su from my user account the prompt changes from $ to #. But keeps the user. I am used to Su being only root.

    I have not used Linux for a decade, has this changed? I would prefer only one Su account that is root.

    Is a new way better?

    Reply

  3. Hi,

    So, I followed all the steps until I was asked to ‘enter the root password (or press Ctrl+D to continue): ‘ during the process i.e.

    Ater ‘cd.break enforcing = 0’ and before ‘mount -o remount,rw /sysroot’.

    I am asked to ‘enter the root password (or press Ctrl+D to continue): ‘

    This should hot happen as described by the author in this post. Please let me know.

    Your help in resolving this is appreciated.

    Many thanks and regards

    Reply

  5. I can get to the emergency screen then I get:

    :/#

    on the last line, when I type the command it says can’t find /sysroot in /etc/fstab.

    Reply

  6. I have used this successfully in the past, but today, despite following the process, it is still failing to let me log in, but with no error message – it just returns to the user name prompt. Any idea what I’m doing wrong?

    Reply

  7. saved my day – the corporate requirement to have an accounting phrase of at least 15 characters now. Changed it yesterday, saved it to an encrypted USB key (need to log on first to read the file) and then forgot it the next day.

    Agreed Fedora has no relation in this solution, applies to all distro’s.

    Reply

    • After doing the exit twice.

      How can I log in as root for SElinux? where should I put restorecon and setenforce commands?

      Reply

      • @Chaitanya,

        SELinux is a security feature in Linux that adds an extra layer of access control. If you want to execute restorecon and setenforce commands after logging in as root, you can do so as follows:

        # restorecon -Rv /path/to/target
# setenforce 0   [enforcement mode]
# setenforce 1   [permissive mode]
        Reply

Got Something to Say? Join the Discussion...

Thank you for taking the time to share your thoughts with us. We appreciate your decision to leave a comment and value your contribution to the discussion. It's important to note that we moderate all comments in accordance with our comment policy to ensure a respectful and constructive conversation.

Rest assured that your email address will remain private and will not be published or shared with anyone. We prioritize the privacy and security of our users.