Kamran Agayev's Oracle Blog

Oracle Certified Master

Change forgotten password of the root user at the Linux server

Posted by Kamran Agayev A. on November 14th, 2009

Today I asked our SysAdmin about a password of one of the servers, but unfortunately he wasn’t able to remember (and didn’t noted it in somewhere). So I decided to crack it using the following steps. It’s documented and is written in the Linux manual :)


6 Responses to “Change forgotten password of the root user at the Linux server”

  1. Surachart Opun Says:

    When we forgot root password. we need time to reboot(maintenance to change password).
    If we don’t need root user do anything yet, we may wait… wait and wait (time to maintenance)

    Some SysAdmins use sudo help to su root and forgot root password anyway.

  2. Garib Mehdiyev Says:

    Common for the most of Unix/Linux systems is Live CD, mounting the disk and changing passwd

  3. Sunil Says:


    If there is a loophole then y the industry is using red hat enterprise servers,i think most of the database works on red hat enterprise linux,if anyone can hack the root password or change the root password,then what is the use of this OS,there must be a security…can we restrict..is it possible?

  4. Kamran Agayev A. Says:


    Don’t forget that the way of hacking the root password is possible only when you’re in front of the server physically. In that case, he can also shutdown the server and take the hard drives away :)

  5. Sunil Says:

    Is it possible to hack a database from the internet?root password can also be change and also we can bypass the grub password..

  6. Kamran Agayev A. Says:

    Yes Sunil, it’s possible if you have security vulnerabilities, especially using SQL injections

    There’re a lot of demos and white papers in the web site ot Pete Finningan, the #1 Oracle Security DBA in the world

Leave a Reply

XHTML: You can use these tags: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>