Recover a Linux installation after loosing the administrator user password
- Download a Linux live CD
- Burn the ISO to a CD
- Boot the machine with lost password from the CD
- Start terminal
- From the terminal, execute the following:
It can be any linux distro as long as your architecture is the same as the installation.
Lets go with Ubuntu desktop, because instructions may be slightly different for different
distros.
https://ubuntu.com/download/desktop/thank-you?version=20.04.2.0&architecture=amd64
In the case of Ubuntu, you will have the option to “Install Ubuntu” or “Try Ubuntu”.
Select “Try Ubuntu”, otherwise you risk formatting your disk(s).
(You might have to select a language somewhere in the process)
When Ubuntu desktop is ready, click on “Activities” or press the Windows button. When
activity search appears, type “term” – the “Terminal” app should appear – open it.
sudo bash # You should now be "root" user
Use any combination of the following commands to get information about partitions:
fdisk -l lsblk
Valid entries should look like this:
/dev/sd*
/dev/nvme*
mkdir -p /mnt/linux
The partion where Linux is installed, should typically have an “ext4”
filesystem if it is a recent version of Ubuntu, but it may be different if
other options or distros were installed. Here is an example of how you would
check if a partition (e.g. /dev/sda1) contains linux:
mount /dev/sda1 /mnt/linux ls /mnt/linux/boot
If anyone of these fails, Linux is not on it. You can umount the partition with the following command
if this is the wrong partition before moving on to check another partition:
umount /mnt/linux
chroot /mnt/linux
If this fails, this is not the partition you are looking for. However, if the installation is a x86 installation
it will not work if you booted an amd64 cd. The error message should be very clear and you should
then download an older version of Ubuntu or Lubuntu that is x86 – you can use this link:
https://cdimage.ubuntu.com/lubuntu/releases/18.04.5/release/lubuntu-18.04.5-desktop-i386.iso
If the chroot command succeeded, you should now be root user in the installed linux and you
can manipulate the users and configuration. To create a temp user with admin rights, do the following:
useradd -d /home/tempadmin -m -s /bin/bash -g users -G sudo tempadmin passwd tempadmin
(You can also change existing user passwords using passwd command)
Now edit ssh configuration to make sure you can log in via ssh: (this tutorial
assumes openssh-server was installed on the machine.
nano /etc/ssh/sshd_config
You need to comment out “AllowUsers” or “AllowGroups” lines, since they might block your new user.
You also need to enable “PasswordAuthentication yes”
On the server in question, the rest of the settings should be ok. Save the and close the file (Ctrl+X)
unmount /mnt/linux
Once machine is booted completely, follow these steps:
- First log in with your newly created username
- Open a terminal and get the address with one of the following commands:
ip a ifconfig
ping 8.8.8.8 ping www.google.com
Now you can test ssh access using the address you got earlier trying to ssh to the machine from a different workstation.
ssh tempadmin@
If the only other machine you have is a Windows without Linux For Windows installed, you can download Putty from
https://www.ssh.com/ssh/putty/download
The last thing you need to check is if the user is an administrator:
sudo bash whoami
You would need to enter your password, but then whoami should report
that you are root.
