blackMORE Ops Learn one trick a day ….
Forgetting root password is an hassle. We try to be vigilant with our security and set a complex root password. We also try not to login using directly into root account (in most production boxes) and use sudo instead. So it’s not very unlikely to loose your root password and depending on how you’ve setup your access, you just might not be able to reset it using sudo passwd root/someusername. Following post shows you two different ways to reset root password in Ubuntu, Debian, Kali, CentOS or pretty much any Linux distributions. 
Option 1: Reset root password from Grub
Step 1.1: Boot in to GRUB menu
Boot to the GRUB menu. Then, press e (for edit) before Linux has a chance to boot. (Most standard installation will allow you 5 seconds to choose and Boot option is Grub, so you’ve got plenty of time)
Step 1.2: Edit GRUB menu
Using your keyboard arrow keys, move the cursor down a line or so, and press e (for edit) again, you should now be on the kernel line, and press End to go out to the very end of that line. Now hit the space-bar once, if necessary, to add a space, and then add one of the following:
init=/bin/bash (or) init=/bin/sh
Then press Enter, and you’re back at the kernel line, press b (for boot) and the computer will proceed to boot to a root prompt.
Step 1.3: Remount filesystem as Read/Write to save changes
At this point, the root file system is still mounted read-only, so enter the following command:
mount -n -o remount,rw /
Step 1.4: Reset root password / Change password
Then type:
passwd
Enter your new password. Retype if asked to confirm. Change your pw with a passwd command. If you’re not sure, man passwd should help.
Step 1.5: Reboot and off you go
Then restart the machine by typing:
reboot
Now you should be able to login with your new root password as required.
Option 2: Reset root password using a Live CD/DVD or Live USB
Using a Live Linux CD/DVD or Live USB is another option to reset root password if you’ve uncomfortable using Grub menu.
Following is what you do:
Step 2.1: Boot Computer using any Live Linux CD/DVD or USB
Start up the computer with a Linux live CD (or USB key). You can use any Linux distro such as Debian, Ubuntu or even Kali.
Step 2.2: Mount Filesystem
Using the Disk Utilities available from your device, mount the partition that hosts your /etc folder (probably marked as bootable).
Ideally following command does the trick
mount auto /dev/sdaX /mnt (or) sudo mount auto /dev/sdaX /mnt
Where sdaX or similar is the partition that contains /etc folder.
Step 2.3: Identify correct shadow file in correct /etc folder
In a command line, go to ./etc under your mounted partition, probably in /mnt and contains a long hd id-like number. Notice the dot . before ./etc; don’t go to /etc. You can check that you’re in the right folder with grep -i [name of a user of yours (not root!)] shadow command. If you get anything, you’re in the right folder and you can proceed to Step 4.
Step 2.4: Make a backup of the shadow file
Just to be safe, make a backup copy of your shadow file. I used cp ./shadow /media/[an inserted and mounted USB key]/shadow command.
Step 2.5: Open shadow file using any text editor
Using your favorite text editor (vi, nano or pico), edit your shadow file
vi shadow (or) nano shadow (or) pico shadow
Step 2.6: Locate the root line
Locate the root line. It’ll look something like root:[encrypted pw]:12345:5:99999::: (You’ll have a some random numbers is there)
Step 2.7: Replace encrypted password line
Replace the [encrypted pw] part of the line with a single ! exclamation mark without double quotations. That tells Linux to authorize the mentioned user to access the system with no pw, so be cautious ! Your line will then look something like root:!:12345:5:99999:::
Step 2.8: Save changes
Save your changes and exit the command line
Step 2.9: Unmount the partition
Back to your Disk Utilities program, unmount the partition you mounted in step 2 above.
umount /dev/sdaX (or) sudo umount /dev/sdaX
Where sdaX or similar is the partition that contains /etc folder.
Step 2.10: Poweroff and remove boot media
Poweroff your computer and remove all media, may it be USB key, CD, or whatever.
Step 2.11: Restart and boot into rescue mode
Now start/restart your computer and, in the grub menu, choose rescue mode. You’ll find yourself in a command line of a root session with no pw.
Step 2.12: Reset root password / Change password
Change your password with a passwd command. If you’re not sure, man passwd should help. Once done, you can restart again and now you should be able to login as root user from terminal (maybe not from SSH depending on how you’ve configured your SSH server). So there you go, two options to reset root password in Ubuntu, Debian, Kali, CentOS or pretty much any Linux distributions.
It may be easier to just break in the grub menu as mentioned in 1.1, then add a “single” to the end of the kernel line and continue booting, skipping to 1.4 then after 1.4 do an init 5 to get back to the X login.
You’re right, single user mode is another option. I’ll update the guide to include this as a third option. Thanks.
As far as the live CD/DVD/USB option. It’s a lot easier to mount the install in a chroot, then just issue the passwd command for root..
I’d just like to interject for a moment. What you’re referring to as Linux, is in fact, GNU/Linux, or as I’ve recently taken to calling it, GNU plus Linux. Linux is not an operating system unto itself, but rather another free component of a fully functioning GNU system made useful by the GNU corelibs, shell utilities and vital system components comprising a full OS as defined by POSIX.
Many computer users run a modified version of the GNU system every day, without realizing it. Through a peculiar turn of events, the version of GNU which is widely used today is often called “Linux”, and many of its users are not aware that it is basically the GNU system, developed by the GNU Project. There really is a Linux, and these people are using it, but it is just a part of the system they use.
Linux is the kernel: the program in the system that allocates the machine’s resources to the other programs that you run. The kernel is an essential part of an operating system, but useless by itself; it can only function in the context of a complete operating system. Linux is normally used in combination with the GNU operating system: the whole system is basically GNU with Linux added, or GNU/Linux. All the so-called “Linux” distributions are really distributions of GNU/Linux.