Recently at work our network admin revealed that he thought he needed to domain join all of the Ubuntu users to be able to recover their passwords in the event that someone forgot theirs… Little did he know it’s as simple as booting in single user mode (rescue mode), executing a few commands and then restarting.
Single User Mode
On Ubuntu and Debian systems, the single user mode, also referred to as the rescue mode, is used to perform critical operations, like resetting a lost password or perform file system checks and repairs if your system is unable to mount them. Simply put, it allows a multiuser computer OS to boot into a single superuser.
Resetting a Lost Password With Single User Mode
First you will need to access the GRUB console to make some changes. As soon as the boot process starts, press ESC to bring up the GRUB boot prompt (if you’re using UEFI BIOS).
Select the boot option you would like to boot into and press ‘e’ to edit it.
Find the kernel line (the line starting with linux /boot/
) and append init=/bin/bash
to the end of the line. Alternatively, you can change the ro
portion of the line ending to rw
and add init=/bin/bash
to the end of it to allow you to skip remounting with read+write capabilities.
Note: Before appending the string remove the word “$vt_handoff” if it exist in the line that begins with “linux
”.
Press CTRL+X or F10 to boot with these new, edited options.
Once the system boots you will see the root prompt. If you haven’t changed ro
to rw
as part of your boot options, you will need to invoke mount -o remount,rw /
At this point you have read+write abilities with the root profile, so all you have to do is invoke passwd <username>
to change a particular user’s password, or simply passwd
to change the current user’s password (in this case, root).
After making all of the changes you want, it’s now time to reboot the system. Type exec /sbin/init
to reboot, or alternatively reboot
and you’re all done!