FortiSIEM
FortiSIEM provides Security Information and Event Management (SIEM) and User and Entity Behavior Analytics (UEBA)
alaxkar
Staff
Staff
Article Id 352122
Description This article describes step by step how to reset the root password if it is forgotten and it is impossible to log in. 
Scope FortiSIEM.
Solution

To reset root credentials, follow the steps below.

 

Step 1. Reboot the system, access the console, and press 'e' to edit the grub menu.

 

edit grubedit grub


Step 2. Once accessed the GRUB shell, scroll down until the line beginning with 'Linux'. Use the right arrow key to navigate to the end of that line, and then add the necessary line.

 

rd.break enforcing=0

 

add parametersadd parameters


GRUB has changed some lines:
On newer versions of Rocky Linux (and RHEL-based distros), the process of entering single-user mode or emergency mode to reset the root password has changed due to security enhancements like SELinux and console= redirections. The presence of a console= line in the GRUB kernel parameters can interfere with the standard output/input and cause rd.break to fail or land in an unexpected shell.


So it is necessary to remove console=tty0 line and then add the line below:

 

rd.break enforcing=0


Step 3. Login in emergency mode by pressing CTRL + x. This will enter the system in rescue mode.


Step 4. Remount /sysroot with the 'read write' mode.

 

mount -o rw,remount /sysroot

 

Change the Directory environment with the below command.


chroot /sysroot

 

mountmount

 

Step 5. Reset the root password with the 'passwd' command.

 

passwd root

 

After that, exit from /sysroot from the exit command:

 

exit

 

Log in with new credentials from the root.