Recover Forgotten Root Password with GRUB: Step‑by‑Step Guide

What GRUB Is

GRUB (GRand Unified Bootloader) loads the operating system kernel from disk into memory and hands control to it. The boot sequence is BIOS/UEFI → boot sector → GRUB → Linux kernel → init/systemd → login screen.

GRUB Versions

GRUB Legacy (0.9x) uses /boot/grub/menu.lst and is obsolete on modern distributions. GRUB 2 (1.9x and later) uses /boot/grub2/grub.cfg (RHEL/CentOS) or /boot/grub/grub.cfg (Debian/Ubuntu) and adds modular loading, graphical menus, and scripting.

Installing GRUB

BIOS mode

On Debian/Ubuntu:

apt install grub-pc
grub-install /dev/sda
update-grub

On RHEL/CentOS/Fedora:

yum install grub2
grub2-install /dev/sda
grub2-mkconfig -o /boot/grub2/grub.cfg

The key command grub-install /dev/sda writes the first‑stage loader to the MBR and places the second stage in /boot/grub2/. The target must be the whole disk (e.g., /dev/sda), not a partition.

UEFI mode

Mount the EFI system partition (usually /boot/efi formatted FAT32) and run:

mount /dev/sda1 /boot/efi
grub2-install --target=x86_64-efi --efi-directory=/boot/efi --bootloader-id=grub2
grub2-mkconfig -o /boot/grub2/grub.cfg

After installation the file grubx64.efi appears in the EFI partition and is executed by the firmware.

Verify Installation

ls -la /boot/grub2/
cat /boot/grub2/grub.cfg

If grub.cfg exists and contains at least one menuentry, the installation succeeded.

GRUB Configuration Files

The generated grub.cfg should not be edited directly. Instead modify: /etc/default/grub – global settings (e.g., GRUB_TIMEOUT=5, GRUB_DEFAULT=0, GRUB_CMDLINE_LINUX). /etc/grub.d/ – scripts that build menu entries (00_header, 01_users, 10_linux, 30_os‑prober, 40_custom). Adding custom entries is done by editing 40_custom and then running grub2-mkconfig.

Typical menuentry syntax includes load_video, insmod, set root, linux16, and initrd16.

Interactive GRUB Commands

Press Shift (BIOS) or Esc (UEFI) at boot to show the menu, then c for the command line.

List disks and partitions: ls → (hd0) (hd0,msdos1) … List files in a partition: ls (hd0,msdos1)/ Manually boot a kernel (useful when grub.cfg is corrupted):

set root=(hd0,msdos1)
linux /vmlinuz-xxx root=/dev/sda1 ro
initrd /initramfs-xxx.img
boot

Protecting GRUB with a Password

Generate a PBKDF2 hash (e.g., with grub‑mkpasswd‑pbkdf2) and copy the result.

Edit /etc/grub.d/01_users:

set superusers="root"
password_pbkdf2 root grub.pbkdf2.sha512.10000.XXXXX…

Regenerate grub.cfg. After this, any attempt to edit a menu entry or enter the GRUB command line requires the password.

Resetting a Forgotten Linux Root Password via GRUB

Method 1 – Using rd.break

Reboot and highlight the desired kernel entry.

Press e to edit.

Locate the line starting with linux, remove rhgb quiet, and append rd.break at the end.

Boot with Ctrl+X or F10 . The system stops at a shell prompt switch_root:/#.

Remount the root filesystem read‑write: mount -o remount,rw /sysroot (implicit in the guide).

Chroot into the real root: chroot /sysroot.

Run passwd twice to set a new root password.

If SELinux is enabled, create the file .autorelabel to trigger relabeling on next boot: touch /.autorelabel.

Exit the shell and reboot: exit (twice) or reboot -f.

Method 2 – Using init=/bin/bash

Append init=/bin/bash to the kernel line instead of rd.break. The system boots directly into a root bash shell, after which the same remount‑and‑passwd steps apply. The two methods differ only in the stage at which the boot process is interrupted.

Windows Administrator Password Reset (Brief)

The principle mirrors Linux: modify the boot environment before the OS loads. Common steps:

Boot from a Windows installation or PE USB.

At the setup screen press Shift+F10 to open a command prompt.

Backup utilman.exe and replace it with cmd.exe.

Reboot, click the Ease‑of‑Access button on the login screen, which now opens a SYSTEM‑level command prompt.

Reset the password: net user Administrator NewPassword.

Restore the original utilman.exe.

If BitLocker is enabled, the recovery key is required before the disk can be accessed.

Summary

GRUB is the Linux bootloader that loads the kernel and hands control to init/systemd. Installing it requires grub-install followed by grub2-mkconfig. Configuration is split between the global /etc/default/grub and the script directory /etc/grub.d/. Adding a password protects the boot parameters from unauthorized changes. When the root password is forgotten, entering rd.break (or init=/bin/bash) via the GRUB edit screen provides a root shell that can remount the filesystem, change the password, and handle SELinux relabeling without any third‑party tools. The same boot‑level manipulation concept can be applied to Windows administrator password recovery.