Cannot change the root password after resetting it

April 25, 2018 973 views
Configuration Management DigitalOcean Security Ubuntu 16.04

Hello,

After resetting the password for my root user on a droplet, I cannot seem to properly change it. I tried two SSH clients -bitvise and putty- and they both disconnected or exited respectively as few seconds after hitting return after entering a new password.

I also used the console from the Digitalocean web interface, but that also does not seem to work as after hitting return from entering a new password, it goes back to ask me to enter the username again.

I tried booting into recovery mode -to see if changing it from there would work-, but apparently, my "image" does not seem to support that.

Is this a common problem that can be resolved?

2 Answers

The most common reason for this issue is if you are attempting to enter your new password when prompted for your current one. Once you request a new password via email when you log in you'll be prompted to change that password. Here is the process:

1.) Connect with SSH as "root"
2.) Enter the temporary password that you were emailed.

You are now logged in but the system is set up to require you to immediately change the temporary password so the system now kicks off that process which begins by confirming your current password.

3.) Enter your temporary password again.

If you fail to provide this correctly the session will be ended and you'll be logged off here.

4.) Enter your new password
5.) Confirm your new password

Once you've completed these steps you'll end up at a normal shell prompt and will only be prompted for a password change again if you use the root password reset tool or set up a password change policy within your droplet.

  • It is in Step 4 that I am facing problems. After hitting return upon entering the new password, it logs me out of the root SSH session.

I am uncertain of why step 4 of ryanpq 's answer works not for my Ubuntu droplet, however, if this ever happens to anyone, do the following:

  1. Contact Digital ocean and ask them to mount the Recovery ISO
  2. They will probably send you instructions, but for me the instructions they sent were:

"Power the droplet off and then power it back on (not a power cycle).

After doing so, you can then access the DigitalOcean Recovery ISO menu via the droplet's Web Console, found within your control panel.

Once within the DigitalOcean Recovery ISO, you should see a menu. From this menu, you want to select "Mount your Disk Image" by typing 1 and pushing the Enter/Return key.

After doing this, you will then select "Reset Droplet Root Password" by typing 3 and pushing the Enter/Return key. This will bring you to the Unix passwd prompt, which first asks for your new password. Carefully enter the new password here. After doing so, it will then ask you to re-enter the new password. Once this is completed, you should be brought back to the DigitalOcean Recovery ISO menu.

If this does not work for you, you can try changing the password via a chroot'd environment. To do this, you will want to select "Attempt to 'chroot' into installed system" by typing 5 and pushing the Enter/Return key. From here, you will be brought into a chroot'd environment of your droplet. You can then use the Linux "passwd" command to change your root password. It will use the same prompts as the "Reset Droplet Root Password" option from the DigitalOcean Recovery ISO.

Once you have completed that, please reply back letting us know so we can set the droplet to boot using the HDD instead of our Recovery ISO."

Have another answer? Share your knowledge.