Help
FortiNAC
NOTE: FortiNAC is now named FortiNAC-F. For post-9.4 articles, see FortiNAC-F. FortiNAC is a zero-trust network access solution that provides users with enhanced visibility into the Internet of Things (IoT) devices on their enterprise networks.
FortiKoala
Staff
Staff

Created on ‎09-27-2018 11:32 PM Edited on ‎11-03-2024 07:49 AM By Moderator

Article Id 194287

Technical Tip: CentOS 5 password recovery

Description

 
This article describes how to reset the root password for the CLI when it has been lost or forgotten on a CentOS 5 system.  This procedure can be done on hardware and VM.
 
Note:  This procedure requires a reboot of the appliance.
 
Scope
 
FortiNAC.


Solution


Access the local console (in hardware or the VM) and execute the following procedure:

 
  1. Boot appliance to its bootup sequence.
  2. Wait for the 'GRUB' menu.
  3. Interrupt the boot process at this point by pressing the space bar.
  4. A menu will appear that looks something like this:

     

(This menu is specific to openSuSE 10.1 systems.)

NACServer
NACServer(SCSIRAID)
MemoryTest
NACServerkernel‐2.6.22.5‐31
NACServerkernel‐2.6.22‐bsc3(SMP‐capablekernel) 

 

(This menu is specific to CentOS systems.)

Memtest86+ (1.65)
CentOS (2.6.18­164.el5)
CentOS (2.6.18­164.el5) w/Serial Console

One of the above lines will be highlighted.

This means that if the boot process was not interrupted, this is the operating system and kernel that would have been used.

Use the highlighted default operating system / kernel.

Note: With CentOS, the option 'CentOS (2.6.18­164.el5)' seems to work.

Press the 'e' key to edit.
At this point, a couple of lines will appear that will look something like this:

root(hd0,1)
kernel/boot/vmlinuz‐2.6.22‐bsc3root=/dev/sda2console=tty0
console=ttyS0,9600n8
initrd/boot/initrd‐2.6.22‐bsc3


Using the cursor key, move down to the line that starts with the word 'kernel'.

 

 

  1. Press the 'e' key to edit this line.
  2. Move to the end of the line, and append 'single' to the end of this line.

    It is important to make sure that there is a space between the 'single' and the line being edited.

    Example:


kernel/boot/vmlinuz‐2.6.22‐bsc3root=/dev/sda2console=tty0console=ttyS0,9600n8 single

 

  1. Hit return to finish editing the line. 
    Note: You are specifying a command­ line parameter to boot the kernel in single user mode.
  2. Press 'b' to boot the kernel.

    At this point, boot it into single ­user mode.
    At the end of the boot sequence, the following prompt will be presented:

 

Note:

The # prompt in single user mode should be returned within 1 minute after reaching the SElinux line.

If the boot sequence stops and stays on the SELinux for more than 1 minute:

 

SELinux: disabled at runtime type=1404 audit(1461810656.761:2): selinux=0 auid=4294967295 ses=4294967295

 

Reboot and repeat steps 1 through 8, but select another OS in step 4.

 

  1. Type passwd root
  2. Type in the new root password.
  3. Type reboot to boot into the regular mode.
  4. Log in with the new root password to confirm it works.
  5. Once a known password has been created, reset the CLI password via the Configuration Wizard. For instructions, refer to the related KB article below. Use the newly created password as the existing password.

 

Related articles:

Labels:
2504
0 Kudos
Suggest New Article
Article Feedback
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.