HowTo: Recovering Linux Grub Boot Loader Password

by on February 20, 2006 · 13 comments· LAST UPDATED May 7, 2010

in , ,

If you have, a password protected grub boot loader and you forgot both root and grub password, then you can recover grub-boot loader password using the following method/procedure:

* Use Knoppix cd
* Remove the password from Grub configuration file
* Reboot the system
* Change the root password
* Setup new Grub password if required (optional)

Knoppix Live cd

The best way to recovering (or reset) a password (and to solve many other problem) is use Knoppix Live CD. First downloaded knoppix and burn it on CD. Put CD into CD/DVD rom and boot the system. You need to boot system into a single user mode, at boot: prompt type linux single:
boot: linux single

Fig.01 knoppix in action

Fig.01 knoppix in action

Mount Partition

You need to mount a partition where you grub configuration file is stored. Depend upon your Linux distribution the location of Grub configuration file changes. Following list summaries Grub configuration file location for pouplar distros:

  • Debian Linux Grub configuration file location: /boot/grub/menu.lst
  • Suse Linux Grub configuration file location: /etc/grub.conf
  • Red Hat/Fedora Linux Grub configuration file location: /boot/grub/grub.conf

If you forgot partition name use the fdisk -l command to obtained partition list / names:
# fdisk -l

Fig.02: The fdisk command displaying the current partition list

Fig.02: The fdisk command displaying the current partition list

Finally, you need to mount your partition as follows:
# mount /dev/sdb1 /mnt

Remove The Grub Password

a) If you are using Debian Linux you need to modify /boot/grub/menu.lst file:
# cd /mnt/boot/grub
# vi menu.lst

b) If you are using Suse Linux you need to modify /etc/grub.conf file
# cd /mnt/etc
# vi grub.conf

If you are using Red Hat / Fedora Linux you need to modify /boot/grub/grub.conf file
# cd /mnt/boot/grub
# vi grub.conf

Once file opened using a text editor, locate password line and remove it:
password --md5 $1$9sdflksdf/sdf44k

Fig.03: Removing The Grub Password Line

Fig.03: Removing The Grub Password Line

Save and close the file. Reboot the system.
# sync; sync
# cd /
# umount /mnt
# reboot

Change Root password

Now your Grub password is removed from the system. You need to login to the system without any password. To restore root user password boot system into a single user mode.

1) At Grub prompt press 'e' to edit command before booting.

2) Select second line

3) Again, press 'e' to edit selected command

4) Type the following line
init=/bin/sh
OR
init=/bin/bash

Fig.04: Booting into a single user mode using Grub

Fig.04: Booting into a single user mode using Grub

4) Press 'b' to boot system.

5) Now you are at shell prompt. Just change root password with the passwd command:
# passwd
Please note that depend upon your Linux distribution you may need to remount root partition in read/write mode before running the above command.

See also:

TwitterFacebookGoogle+PDF versionFound an error/typo on this page? Help us!

{ 13 comments… read them below or add one }

1 Anonymous February 26, 2006 at 2:55 pm

If you can’t change the password after booting in single mode , then run the following list of commands:
(In most cases the root filesystem system will be mounted readonly , so we need to remount it)

#mount -t proc proc /proc
#cp /proc/mounts /etc/mtab
#mount -o remount,rw /

Reply

2 M. Mohamed Rafi September 10, 2007 at 9:52 am

give the some instruction

Reply

3 lohith January 12, 2009 at 7:56 am

this is for grub i want the settings for redhat if it is same i not able to enter the single user mode.
kernel /vmlinuz-2.4.20-8.ro root=LABEL= /hda=ide-scsi

after this line i press e and it enter to the edit mode after that i confused i change the settings it may cause the problem in OS
please help me
if u posible in detail

Reply

4 reise January 21, 2010 at 2:25 pm

I added init=/bin/sh to the end of the kernel line but it stills goes to prompt and not to shell directly. What I’m doing wrong?

Reply

5 Tarun Chamria October 29, 2010 at 10:50 am

instead of typing init=/bin/sh just type s or 1 and press b for booting……..

Reply

6 Umar June 17, 2010 at 9:39 am

Great howto,

Wonderful work.

Reply

7 Anil April 17, 2011 at 4:51 am

i need grub concept ?

Reply

8 Colin April 21, 2011 at 9:53 pm

I found that instead of appending -init=….. to the bootloader, I needed to append “single”. Otherwise the / filesystem was readonly and passwd command didn’t work.

Reply

9 manoj November 29, 2013 at 4:44 am

Hi,

A newbie is also know above provided method to reset password. Can any one tell me the method, if someone put password on grub, then how can we break this grub password… even we don’t know root password.

Regards,
MG

Reply

10 Anonymous February 17, 2014 at 1:14 pm

Dear manoj

A newbe also know above….. wtf. This is a how to for breaking grub password lock when you dont know grub or root password.In which distro default docs has that info let us know.

And rest of the line of your comment can be answered from above or if you are patient enough read the article before commenting

Do take this personally.This comment is for your eyes only.

Now as for this article i would love to know if other alternatives available.Thanks Nix Craft

Reply

11 manoj gupta February 17, 2014 at 2:01 pm

Hi,

Thanks for this. but i think you didn’t understand what i want to ask. I just want to ask, if someone put password on grub… after that restart system.
==> OS option or kernel menu option will come
==> After that, if you press P, then it will ask for password.

Without enter password, you will not be able to edit, without known grub password. You also don’t know root password.

In this condition, you must be break grub password. Then how can we done this ?

I just wanted to know answers, but you take this personally, which is very wrong and also it’s very wrong way to reply…”This comment is for your eyes ” etc…

By the way thanks for your reply and am sorry, because i ask question.

Reply

12 Sandeep July 19, 2014 at 5:46 pm

Hi manoj,

I also new in Linux , As I read above solution and found that we can break the grub password only when we have a cd of Knoppix Live cd. This Cd is type of password recover Cd who mount the hard disk on temporary mode. After mounting the Cd , we can login without password and access the hard disk and change the grub files on it.

I am trying to finding password break by another method like OS cd. If you found any solution , please suggest.

Thanks
Sandeep

Reply

13 krishna July 16, 2014 at 5:25 pm

to break that grub password we should first insert a linux disk or usb in lap or cpu .Then go for boot options after that select rescue installation and following steps you know then after sliding of three or four setup dialouge boxes you willget a shell

click on shell and type chroot/mnt/grub/grub.conf
dude one important note for you this grub .conf location path depends on linux versions and ones grub.conf_profile is open then below the hiddenname line we found a encrypted password remove that password and restart your pc then ur pc is ready have a goodtime ahead

Reply

Leave a Comment

Tagged as: , , , , , , , , , , , , ,

Previous post:

Next post: