Password Recovery
Password recovery in RHEL involves regaining access to a locked or forgotten user account while maintaining system security. This typically requires booting into recovery mode or using a root account to reset the password. Ensuring proper authentication and logging helps prevent unauthorized access and keeps the system compliant with security policies.
RHEL 9.5 & Root Password Recovery
RHEL 9.5 Root Password Recovery
Platform : VMware Workstation 17
Reboot the system and press e to get to the Grub boot menu.
Use arrows on keyboard to select your kernel you are using and press e
Considering this to be a last resort password reset to gain control over your root account.
Update the line starting with "linux" and append the line as highlighted below.
Press CTRL+X after you have updated the line to continue.
System will boot and enter a prompt to allow updating the root password
Enter to commands as show below and enter your new root password.
​
Notes:
When resetting the root password on RHEL 9 (or other SELinux-enabled Red Hat-based systems), the touch /.autorelabel command plays a crucial role in ensuring system integrity after modifying system files, especially the /etc/shadow file, which stores user passwords.
​
Why is touch /.autorelabel Needed?
RHEL 9 enforces SELinux (Security-Enhanced Linux) policies, which label files with security contexts. When resetting the root password by manually editing /etc/shadow in single-user mode, SELinux might prevent login due to incorrect or missing security labels.
System will reboot and set the new password and rest the labels.
