Changing a forgotten root password on an ESX/ESXi host

Post Source VMware KB 1317898

Details
This article provides steps to reset a lost or forgotten root password of an ESX/ESXi host.
Solution
Note: In some cases a defective keyboard can cause problems logging into an ESX/ESXi host. You might want to test with a different physical keyboard if you are having difficulties with known login credentials.

If you have forgotten or do not know the password for the root user on an ESX/ESXi host, you may be able to change it without reinstalling.

Warning: This can be used maliciously and should be safeguarded against through proper physical access to the host, authenticated remote console access, monitoring and protection against reboot procedures (e.g. grub password) and limited access to the management network.

For more information on security best practices, see http://www.vmware.com/resources/techresources/726 .

Note: The procedure(s) below perform a password reset. This “blindly” replaces the existing root password with a new one. This is not a password recovery mechanism. That is, it does not allow you to learn the original root password. VMware does not provide tools or methods to recover the original root password of an ESX/ESXi host.
ESXi 3.5, ESXi 4.x, and ESXi 5.x
Reinstalling the ESXi host is the only supported way to reset a password on ESXi. Any other method may lead to a host failure or an unsupported configuration due to the complex nature of the ESXi architecture. ESXi does not have a service console and as such traditional Linux methods of resetting a password, such as single-user mode do not apply.
ESX 3.x and 4.x
Note: This section does not apply to ESXi. See the ESXi section of this article.

To change the password for the root user on an ESX 3.x or ESX 4.x host, you must reboot into single-user mode. To do this, follow these steps:

Reboot the ESX host.
When the GRUB screen appears, press the space bar to stop the server from automatically booting into VMware ESX.
Use the arrow keys to select Service Console only (troubleshooting mode).
Press the a key to modify the kernel arguments (boot options).
On the line presented, type a space followed by the word single .
Press Enter. The server continues to boot into single-user mode.
When presented with a bash prompt such as sh-2.05b#, type the command passwd and press Enter.
Follow the prompts to set a new root user password. For more information, see Changing an ESX host root password (1004659).
When the password is changed successfully, reboot the host using the command reboot and allow VMware ESX to boot normally.

ESX Server 2.x
Note: This section does not apply to ESXi. See the ESXi section of this article.

To change the password for the root user on an ESX 2.x host, you must reboot into single-user mode. To do this, follow these steps:

Reboot the ESX Host.
When the LILO screen appears, press the space bar to stop the server from automatically booting into VMware ESX.
At the LILO prompt select linux, adding the -s to the end of the line. For example: linux -s.
Press Enter. The system begins to boot. The server continues to boot into single-user mode.
When presented with a bash prompt such as sh-2.05b#, type the command passwd and press Enter.
Follow the prompts to set a new root user password. For more information, see Changing an ESX host root password (1004659).
When the password is changed successfully, reboot the host using the command reboot and allow VMware ESX to boot normally.

When the system is finished booting, you can log in as the root user using the new password.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s