Resetting root password
How to reset your root password.
Let's say you've been a bit silly and misplaced your root password for your VPS, and have no means to log in to it. There's a variety of ways you can get yourself out of this predicament without having support do it for you.
Via rescue VPS
There's a rescue environment which all customers can boot into. It runs from RAM and gives you access to your block devices. It's easy to reset your password this way, or fix a lot of other things.
Access to the rescue VPS
The rescue VPS is accessed via the Xen Shell. So:
$ ssh username@username.console.bitfolk.com
Password:
xen-shell v1.48bitfolk1 - type 'help' for help.
xen-shell> help
xen-shell v1.48bitfolk1
The following commands are available within this shell:
boot Boot your VPS.
console Gain access to your VPS via the serial console.
destroy Immediately destroy your running VPS - dangerous!
exit Exit this shell.
help Show general, or command-specific, help information.
reboot Reboot your VPS.
rescue Boot into the rescue environment.
shutdown Shut down your VPS.
status Show the status of your VPS.
uptime Show the uptime information of the host and guest systems.
version Show the version of this shell, and of Xen.
xfer Show data transfer stats.
For command-specific help run "help command".
xen-shell>
Only one VPS instance can be run at once
The rescue VPS can only be booted when your real VPS is not running, so if it is you'll have to shut it down:
xen-shell> shutdown
Shutting down instance: username
Domain username terminated
All domains terminated
Boot rescue VPS
xen-shell> rescue
Booting rescue instance: username
Using config file "/etc/xen/username.rescue.conf".
Started domain username
[ 0.000000] Reserving virtual address space above 0xf5800000
[ 0.000000] Initializing cgroup subsys cpuset
[ 0.000000] Initializing cgroup subsys cpu
[ 0.000000] Linux version 2.6.32-5-686-bigmem (Debian 2.6.32-41) (ben@decadent.org.uk) (gcc version 4.3.5 (Debian 4.3.5-4) ) #1 SMP Mon Jan 16 16:42:05 UTC 2012
[...]
****************************************
Resetting user password to random value:
New user password: giChiepi
****************************************
BitFolk Rescue Environment - https://tools.bitfolk.com/wiki/Rescue
This virtual machine is running read-only over NFS with a unionfs ramdisk to
allow changes. This means:
- anything you write to its filesystem will not survive a reboot
- you only have about half your RAM size as writable space
If you need to write more, or you need it to persist past a reboot, you'll need
to use your VPS's storage. Please see:
https://tools.bitfolk.com/wiki/Rescue#Persistence
for more information.
Your user account is called 'user' and its password has been randomly-generated
(see above). Be careful what you do with it as networking is now active and
sshd is running. The 'user' account has full sudo access.
rescue login:
Log in to rescue VPS
As the above message suggests, the running VPS has a randomly-generated user password (giChiepi in this case). This does not correspond to the password of any account on your VPS - this isn't your VPS. Networking is also enabled, so you could SSH in with that password if you like. At this point you're already at the console prompt though, so may as well log in there.
rescue login: user
Password:
user@rescue:~$
From there you have access to root via sudo.
Your block devices
The rescue VPS has access to your block device(s), but doesn't run from them. You can see what's accessible:
rescue:~# cat /proc/partitions
major minor #blocks name
202 0 10485760 xvda
202 1 10485760 xvda1
and mount that somewhere:
rescue:~# mkdir /tmp/xvda1
rescue:~# mount -v /dev/xvda1 /tmp/xvda1
mount: you didn't specify a filesystem type for /dev/xvda1
I will try type ext4
kjournald starting. Commit interval 5 seconds
EXT4 FS on xvda1, internal journal
EXT4-fs: mounted filesystem with ordered data mode.
/dev/xvda1 on /tmp/xvda1 type ext4 (rw)
Reset root password
Now that your VPS's filesystem is mounted you can try to fix whatever is broken. In this case that's resetting your root password:
rescue:~# chroot /tmp/xvda /bin/bash
root@rescue:/# uname -a
Linux rescue 2.6.18-6-xen-686 #1 SMP Sat Feb 20 01:44:14 UTC 2010 i686 GNU/Linux
root@rescue:/# passwd root
Enter new UNIX password:
Retype new UNIX password:
passwd: password updated successfully
root@rescue:/# exit
rescue:~#
Boot back to your real VPS
Again, only one instance of your VPS can run at once, so you need to halt (shutdown -h) the rescue VPS and boot your own as normal. Hopefully it's fixed now.
rescue:~# halt
Broadcast message from root@rescue (tty1) (Thu Oct 21 19:14:16 2010):
The system is going down for system halt NOW!
INIT: Switching to runlevel: 0
INIT: Sending processes the TERM signal
Stopping OpenBSD Secure Shell server: sshd.
Saving the system clock..
Hardware Clock updated to Thu Oct 21 19:14:17 UTC 2010.
Stopping kernel log daemon: klogd.
Stopping system log daemon: syslogd.
Asking all remaining processes to terminate...done.
Killing all remaining processes...done.
Saving random seed...done.
Unmounting remote and non-toplevel virtual filesystems...done.
Deconfiguring network interfaces...done.
Cleaning up ifupdown....
Will now unmount temporary filesystems:umount: /UNIONFS: device is busy
umount: /UNIONFS: device is busy
tmpfs umounted
failed!
Will now deactivate swap:.
Mounting root filesystem read-only...Warning! dirs delete and imap options to remount are ignored
done.
Will now halt.
xenbus_dev_shutdown: device/console/0: Unknown != Connected, skipping
System halted.
xen-shell> boot
Booting instance: username
Using config file "/etc/xen/username.conf".
pyGRUB version 0.6
lqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqk
x Ubuntu 10.04.1 LTS, kernel 2.6.32-24-generic-pae x
[...]
Started domain username
[ 0.000000] Reserving virtual address space above 0xf5800000
[ 0.000000] Initializing cgroup subsys cpuset
[ 0.000000] Initializing cgroup subsys cpu
[ 0.000000] Linux version 2.6.32-24-generic-pae (buildd@palmer) (gcc version 4.4.3 (Ubuntu 4.4.3-4ubuntu5) ) #43-Ubuntu SMP Thu Sep 16 15:30:27 UTC 2010 (Ubuntu 2.6.32-24.43-generic-pae 2.6.32.15+drm33.5)
[...]
Ubuntu 10.04.1 LTS username hvc0
username login: root
Password:
Last login: Tue May 4 16:55:05 UTC 2010 on hvc0
Linux username 2.6.32-24-generic-pae #43-Ubuntu SMP Thu Sep 16 15:30:27 UTC 2010 i686 GNU/Linux
Ubuntu 10.04.1 LTS
Welcome to Ubuntu!
* Documentation: https://help.ubuntu.com/
root@username:~#
Success!
Boot with init=/bin/sh
It should be possible to edit your kernel command line in grub to add init=/bin/sh once BitFolk's grub has read your VM's grub configuration and presented a boot menu. This would boot directly to a root shell where you would be able to reset the root password. However grub is quite fiddly to use and you only have a few seconds to interrupt the boot process, so the above method is probably easier.