How to Reset Forgotten Root Password in Debian 10

In this brief tutorial, you will learn how to reset a forgotten root password in a Debian 10 system. This will help you regain the ability to log in as the root user and carry out administrative tasks.

So, first power on or reboot your Debian 10 system. You should be presented with a GRUB menu as shown below. On the first option, proceed and press the ‘e’ key on the keyboard before the system starts booting.

Debian Grub Menu
Debian Grub Menu

This ushers you to the screen shown below. Scroll down and locate the line that begins with ‘linux’ that precedes the /boot/vmlinuz-* section that also specifies the UUID.

Grub Kernel Parameters
Grub Kernel Parameters

Move the cursor to the end of this line, just after ‘ro quiet’ and append the parameter init=/bin/bash.

Next hit ctrl + x to enable it to boot in single-user mode with the root filesystem mounted with read-only (ro) access rights.

For you to reset the password, you need to change the access right from read-only to read-write. Therefore, run the command below to remount the root filesystem with rw attributes.

:/# mount -n -o remount,rw /
Mount Debian Filesystem
Mount Debian Filesystem

Next, reset the root password by executing the good old passwd command as shown.

:/# passwd
Reset Root Password in Debian
Reset Root Password in Debian

Provide the new password and retype it to confirm. If all went well and the passwords match you should get a ‘password updated successfully’ notification at the end of the console

Finally press Ctrl + Alt + Del to exit and reboot. You can now log in as the root user using the newly created password that you just defined.

And that’s how you reset a forgotten root password on Debian 10.

Hey TecMint readers,

Exciting news! Every month, our top blog commenters will have the chance to win fantastic rewards, like free Linux eBooks such as RHCE, RHCSA, LFCS, Learn Linux, and Awk, each worth $20!

Learn more about the contest and stand a chance to win by sharing your thoughts below!

James Kiarie
This is James, a certified Linux administrator and a tech enthusiast who loves keeping in touch with emerging trends in the tech world. When I'm not running commands on the terminal, I'm taking listening to some cool music. taking a casual stroll or watching a nice movie.

Each tutorial at TecMint is created by a team of experienced Linux system administrators so that it meets our high-quality standards.

Join the TecMint Weekly Newsletter (More Than 156,129 Linux Enthusiasts Have Subscribed)
Was this article helpful? Please add a comment or buy me a coffee to show your appreciation.

14 Comments

Leave a Reply
  1. Hello,

    I have this error :

    “Authentification token manipulation error”

    and I can’t modify /etc/shadow permission

    Have you an idea please?
    Thanks

    Reply
    • @Zafibiky,

      The error could be caused by the filesystem being mounted as read-only. To resolve this, you may need to remount it with read-write permissions.

      sudo mount -o remount,rw /
      

      Following this, perform a filesystem check to ensure the integrity of the filesystem.

      sudo fsck /
      
      Reply
    • One year later, I hope you did find the answer in the mid-time. You simply have to select the second line where the mono/multi-user environment is set to single. It worked for me, I saw the message loading the keyboard drive and it did the trick.

      Thanks James, I knew the way to do it but here the explanations are very simple to follow. Brilliant.

      Reply
  2. Hello!

    I have not used my Debian 10 for almost a year. When trying to log back on, I keep getting the message that my password is incorrect, even after I followed all the steps in this article. I tried with different user names as well, but I know for sure that the first try was correct. What can I do in this case?

    Thanks!

    Reply
  3. Hi,

    When the GUI comes up, so far as I know, you cannot log in as root, you have to login as a user that you set up when you installed the system. So how does changing the root password help when it’s the user password you use to login and the one most people will need/have forgotten?

    Reply
    • Hey Hugo, while you cannot log in as root via the GUI, changing the root password is helpful if you want to make system changes that require elevated privileges provided for by the root user. Imagine a situation where you want to changes to the system or add /remove new users but you have forgotten the root password.

      Additionally, if you want to change a regular user’s password, you can do so in the very last step. Simply run

      # passwd username
      
      Reply
  4. After I do all that, my installation boots to a prompt that says, “enter root password or press e to continue.”

    Reply
    • Hey David. Whilst the main purpose of this article is to show users how they can reset the root password, you can also configure your system to disable editing of the grub menu parameters. This effectively locks out anyone who would want to reset the root password.

      Reply
    • Do people have physical access to your servers? Bad
      Do people have access to your management/time? Bad

      Can’t help the above? Use Luks Encryption

      Reply
    • In IT, there’s been a saying for almost forever: ‘If I can touch your box, I own your box.’ Physical security is the last layer of security. If a stranger has access to someone’s box, you have a problem.

      Almost every single piece of network and IT equipment has some form of physical reset, or the landfills would be full of perfectly functional equipment that just cannot be accessed

      Reply

Got Something to Say? Join the Discussion...

Thank you for taking the time to share your thoughts with us. We appreciate your decision to leave a comment and value your contribution to the discussion. It's important to note that we moderate all comments in accordance with our comment policy to ensure a respectful and constructive conversation.

Rest assured that your email address will remain private and will not be published or shared with anyone. We prioritize the privacy and security of our users.