Reset root password on VMWare ESX/ESXi v4

It so happened that we received a server with ESX on it and some settings; like the IP address to connect to it. Which was wrong. Then the user/password to connect to it which, you guessed, was wrong as well.

So, here I was unable to use the machine because some folks could not remember what password they set on the machine. And then comes google-ing to figure out how to reset it. There’s the vmware KB article that explains it along with some others and all of them mention the grub loader screen. Well, bad luck because on our esxi version 4, there’s syslinux as bootloader. Of course I figured this out after installing knoppix on a usb drive and booting from it (because the server came with no cd/dvd drive). Then came the second issue, of mounting the filesystems as explained in most of the articles on the net about resetting the root password (because as explained, we couldn’t edit the bootloader config to enter single user mode). Well, the issue was that some of the partitions on the disk were vmfs which might be something vmware related, I haven’t digged to find out since the issue was present: I couldn’t mount and hence was unable to read/write to those partitions.

Then, I figured I could play around with the syslinux boot config file to try to force it to enter single user mode. And since there was the syslinux.cfg and a couple of boot.cfg on some other partitions, I modified them all. But to no avail, for some reason I couldn’t guess what the kernel was so the boot failed. Better said, and I quite: “Kernel panic”. I love that message 😀

Back to the issue at hand, finally :P, I noticed some tgz files out of which 2 had current date. I immediately thought that they might contain some stuff about current things (ambiguous, I know) so I jumped with MC (midgnight commander) in them. To my surprise, the state.tgz file contained a local.tgz which contained the /etc directory which contained, among other things, the shadow file. Someone screamed bingo? 🙂 I know I almost did.

So what I did was to extract everything out (since MC does not support saving changes into archives, or at least not with that knoppix version), edited the shadow file and removed the roots password hash (as explained in a lot of articles on the net) and then I tar-ed the /etc in local.tar, then I gzip-ed that into local.tgz then I tar-ed that into state.tar and then gzip-ed that into state.tgz, every time making sure to chmod 700 on the tgz files (as on the original file), and wrote that to the mounted partition overwriting the existing one. And voila, root password got reset.

Phew, that issue took a few hours to solve. Well, enjoy 😉

Related posts


Leave a Reply

This blog is kept spam free by WP-SpamFree.