Any potholes to avoid when resetting root password?

Hi, Our (VERY COMPETENT) developer passed away and I’m the CEO trying to fix an issue without creating any new ones. A couple of us have lost access to a droplet (via FileZilla). I believe I need to reset the root password for the droplet so I can go though the steps of storing an ssh key for the new laptops, etc.

I’m hoping this is a really dumb question: I’m concerned that resetting the root password would break our app because one of the software based puzzle pieces he used would require the old root password to have remained unchanged. I can’t imagine our developer would have built things this way. Is there a way I can verify a droplet’s root password is not being used for access? Anything I need to look out for?

Technology stack (major players): Java 8 JPA 2 Eclipselink MySQL Activiti DROOLS Spring Framework OpenCSV JEXL Vaadin Framework Ubuntu 16.04

Submit an answer

This textbox defaults to using Markdown to format your answer.

You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

Sign In or Sign Up to Answer

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

Hi @SideKickTools,

I really doubt someone would use root access for an application, it’s not very secure and it has the potential to cause such issues you are describing.

Having said that, I don’t believe there is a way to check if an app is using the root password. What you can do when you are logged in as root is to type the command last.

The last command searches the user information from the ‘/var/log/wtmp’ file and displays a list of all users who have logged in and out since the file was created.

Additionally, I don’t think anyone is using root passwords to connect to servers anymore rather SSH keys are being used. If your App required root access, I’m most sure it’s using SSH keys.

Lastly, what you can do prior to changing the root password is to create a snapshot of your droplet and if needed restore it afterwards to that state.