A friend of mine has forgotten his root password anyone with an idea on how to recover the password.I had tried to mount the filesystem with a bootable cd but could not view any of the files in the partition.

You can't recover it.

You can set a new one. Just boot from a livecd, mount the relevant partition, cd into the mount point, chroot into it (chroot . should suffice) and then use passwd to set a new password.

Ok,ill try that and see if it works.

I have been able to mount the /boot partition only and when i chroot into it it says /bin/bash could not be executed no such file or directory.I have tried to mount the other partition and it gives the error bad fs or bad block,what could be the problem?

What version of Linux is it?

You can recover it - might take some time though and is kinda pointless - with John the Ripper

Can you not just boot from the install media or into single user mode, mount your root fs from there and either edit /etc/passwd and shadow, run the passwd command against root or for a bit of fun run John the Ripper against it!

These two methods work for the passwd method http://aplawrence.com/Linux/lostlinuxpassword.html OR http://www.linuxforums.org/security/..._password.html (from this very site)

There are two methods which I would consider very easy:

1. Boot with a live cd, mount the partition which has /etc, then edit the passwd file so that 'root' has no password. Simply delete the 'x' in the password field and leave the password field blank; that means no password is needed to log on.

2. Boot with "init=/bin/bash" (or /bin/ash - or whatever shell is available in the initrd image - or the final system if you do not use initrd). Once in the shell you can edit the passwd file as in (1). Shutting down the computer in a sensible way could be a challenge - perhaps you can call 'exec' on the real init script and hope everything goes fine - otherwise, 'sync' and pull the plug when the sync is done (yeah, bad advice, but if you're desperate ...)

I am using fedora 8, i have tried to mount the partition with the/etc directory but it refuses to mount stating badfs or badblock event after using mount with -t ext3 which is the filesystem am using.

Strictly speaking, John doesn't recover anything, it just guess passwords that match a given hash. The password is not stored in any place, nor even encripted. Only the md5 hash is stored in the shadow file, and that's one way only, it can't be decrypted.

In any case, even if it's true that a working password will do, it's not that easy to get a password on a real system unless root is mentally diminished. Any serious password of an average complexity and with an adequate length would take forever to be "guessed" with the technology we have nowadays.

John just like cracklib serves an only purpose: to check the sanity of the passwords of your users. If john can crack it, then that password should not be on your system (remember: the first step to becoming root is becoming a regular user, most of the times).


You can't chroot into boot, you chroot into the root partition, that's what you should be mounting. If you can't mount it, then either you are using the incorrect file system, or the volume is damaged. So, first thing first: you should first sort the partition issue. Until then there's little you can do.