How to Reset the Root Password of a Vultr Compute Instance
Resetting your root password is essential when you lose administrative access to your server due to forgotten credentials or misconfiguration. Using the SystemRescue ISO available in the Vultr Console, you can regain access without reinstalling the operating system or losing data.
This guide outlines how to reset the root or administrator password on a Vultr Cloud Compute instance across multiple operating systems, including Linux distributions, FreeBSD, OpenBSD, and Windows Server, without reinstalling the system or affecting existing data.
The SystemRescue ISO provides a minimal rescue environment that operates independently of the installed OS. Mounting the root partition and using chroot allows the root password to be reset without reinstalling the system.
Log in to the Vultr Console.
Navigate to Instances under Compute.
Select the instance for which you want to reset the root password.
Click Settings, then select Custom ISO.
Under the ISO Library, choose the SystemRescue ISO image and click Attach ISO and Reboot
Open the web console by clicking the View Console icon on the instance information page.
In the console, press Enter to boot using the default SystemRescue kernel.
After the instance boots, you see a prompt like below.
[root@sysrescue ~]#This confirms that the system is running in SystemRescue mode.
List the attached block devices.
console# lsblkOutput:
NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINTS loop0 7:0 0 647.7M 1 loop /run/archiso/sfs/airootfs sr0 11:0 1 720M 0 rom /run/archiso/bootmnt vda 253:0 0 180G 0 disk ├─vda1 253:1 0 260M 0 part └─vda2 253:2 0 179.7G 0 partMount the root block device.
console# mount /dev/vda2 /mntThis command mounts the root partition at
/mnt. Replace/dev/vda2with your actual root partition.Chroot into the mounted system.
console# chroot /mntThis command switches the shell's root directory to the mounted system under
/mnt, allowing you to operate as if you're inside the original system. It enables you to run commands likepasswdto modify the root user's password in the correct environment.Reset the root password.
console# passwdWhen prompted, enter a new strong password twice to confirm. This updates the root user's credentials on the mounted system, restoring administrative access after reboot.
Exit the
chrootenvironment.console# exitReboot the instance.
console# rebootAfter the
reboot, return to the Custom ISO section under Settings.Click Remove ISO to detach the rescue ISO and boot the server using root block device.
RHEL-based distributions require an additional SELinux relabeling step after a password change to restore correct file security contexts on the next boot. The steps below use the SystemRescue ISO to mount the root partition and reset the password.
Log in to the Vultr Console.
Navigate to Instances under Compute.
Select the instance for which you want to reset the root password.
Click Settings, then select Custom ISO.
Under the ISO Library, choose the SystemRescue ISO image and click Attach ISO and Reboot
Open the web console by clicking the View Console icon on the instance information page.
In the console, press Enter to boot using the default SystemRescue kernel.
After the instance boots, you see a prompt like below.
[root@sysrescue ~]#This confirms that the system is running in SystemRescue mode.
List the attached block devices.
console# lsblkOutput:
NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINTS loop0 7:0 0 647.7M 1 loop /run/archiso/sfs/airootfs sr0 11:0 1 720M 0 rom /run/archiso/bootmnt vda 253:0 0 180G 0 disk ├─vda1 253:1 0 260M 0 part └─vda2 253:2 0 179.7G 0 partMount the root block device.
console# mount /dev/vda2 /mntThis command mounts the root partition at
/mnt. Replace/dev/vda2with your actual root partition.Chroot into the mounted system.
console# chroot /mntThis command switches the shell's root directory to the mounted system under
/mnt, allowing you to operate as if you're inside the original system. It enables you to run commands likepasswdto modify the root user's password in the correct environment.Reset the root password.
console# passwdEnter a new strong password twice when prompted. This updates the root user's credentials on the mounted system, restoring administrative access.
Create a
.autorelabelfile to trigger SELinux relabeling.console# touch /.autorelabelThis step is required for RHEL-based systems where SELinux is enabled. It ensures that file contexts are restored on the next boot to prevent login issues after the password change.
Exit the
chrootenvironment.console# exitReboot the instance.
console# rebootAfter the
reboot, return to the Custom ISO section under Settings.Click Remove ISO to detach the rescue ISO and allow the system to boot from the root block device
Fedora uses SELinux and requires a relabeling pass after a password reset to restore file security contexts. The GRUB boot parameter autorelabel=1 triggers this process on the next boot.
Log in to the Vultr Console.
Navigate to Instances under Compute.
Select the instance for which you want to reset the root password.
Click Settings, then select Custom ISO.
Under the ISO Library, choose the SystemRescue ISO image and click Attach ISO and Reboot
Open the web console by clicking the View Console icon on the instance information page.
In the console, press Enter to boot using the default SystemRescue kernel.
After the instance boots, you see a prompt like below.
[root@sysrescue ~]#This confirms that the system is running in SystemRescue mode.
List the attached block devices.
console# lsblkOutput:
NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINTS loop0 7:0 0 647.7M 1 loop /run/archiso/sfs/airootfs sr0 11:0 1 720M 0 rom /run/archiso/bootmnt vda 253:0 0 180G 0 disk ├─vda1 253:1 0 260M 0 part └─vda2 253:2 0 179.7G 0 partMount the root block device.
console# mount /dev/vda2 /mntThis command mounts the root partition at
/mnt. Replace/dev/vda2with your actual root partition.Chroot into the mounted system.
console# chroot /mntThis command switches the shell's root directory to the mounted system under
/mnt, allowing you to operate as if you're inside the original system. It enables you to run commands likepasswdto modify the root user's password in the correct environment.Reset the root password.
console# passwdEnter a new strong password twice when prompted. This updates the root user's credentials on the mounted system, restoring administrative access.
Create a
.autorelabelfile to trigger SELinux relabeling.console# touch /.autorelabelExit the
chrootenvironment.console# exitReboot the instance.
console# rebootAfter the
reboot, return to the Custom ISO section under Settings.Click Remove ISO to detach the rescue ISO and allow the system to boot from the root block device.
Return to the web console and wait for the GRUB boot menu to appear.
Select the default kernel and press E to edit the boot parameters.
Add the following content at the end of the command after
console=tty0.iniautorelabel=1
It ensures that file contexts are restored on the boot to prevent login issues after the password change.
Press Ctrl + D to boot with the updated configuration.
FreeBSD provides a Single User Mode accessible from the boot menu that drops the system into a root shell, bypassing normal authentication entirely.
Log in to the Vultr Console.
Navigate to Instances under Compute.
Select the instance for which you want to reset the root password.
Click the Server Reboot icon to reboot the server, then click the View Console icon to open the web console.
From the boot menu, press
2to select the Boot Single User option.After the instance enters single user mode, remount the root filesystem with read/write permissions.
console# fsck && mount -u -a -o rwConfirm that the root filesystem is mounted at
/.console# mountOutput:
/dev/ufs/rootfs on / (ufs, local, soft-updates, journaled, soft-updates) devfs on /dev (devfs)Change the root password.
console# passwdWhen prompted, enter the new password twice. This updates the root user's credentials.
Reboot the server.
console# reboot
OpenBSD enters single-user mode via the boot -s flag at the boot loader prompt, providing a root shell with the filesystem mounted read-only until explicitly remounted.
Log in to the Vultr Console.
Navigate to Instances under Compute.
Select the instance for which you want to reset the root password.
Click the Server Reboot icon to reboot the instance, then click the View Console icon to open the web console.
At the OpenBSD boot prompt, enter the following command to start the server in single user mode.
consoleboot> boot -s
When prompted:
Enter pathname of shell or RETURN for sh:Press Enter to continue with the default
shshell.Remount the root filesystem with write permissions.
console# fsck -p / && mount -uw /Change the root password.
console# passwdEnter the new password twice when prompted to update the credentials.
Press Ctrl + D to continue booting into multi-user mode.
The chntpw utility, available in the SystemRescue environment, edits the Windows SAM registry directly to clear or reset account passwords without booting into Windows.
Mount SystemRescue and Access the Console
Log in to the Vultr Console.
Navigate to Instances under Compute.
Select your Windows instance.
Click the Server Stop icon to perform a clean shutdown.
After the server is powered off, Click Settings, then select Custom ISO.
Under the ISO Library, select SystemRescue ISO and click Attach ISO and Reboot.
Open the View Console from the instance information page.
At the boot menu, select Boot SystemRescue using default options and press Enter.
Wait for the rescue environment to load and display the root prompt.
[root@sysrescue ~]#
Identify and Mount the Windows Partition
List all the attached devices.
console# fdisk -lOutput:
... Device Start End Sectors Size Type /dev/vda1 2048 4098047 4096000 2G Windows recovery environment /dev/vda2 4098048 4630527 532480 260M EFI System /dev/vda3 4630528 4896767 266240 128M Microsoft reserved /dev/vda4 4896768 157286366 152393599 72.7G Microsoft basic data ...Identify the main Windows partition (usually the largest, like
/dev/vda4).Run
ntfsfixto clean any dirty shutdown flags.console# ntfsfix /dev/vda4Replace
/dev/vda4with your actual Windows partition.Mount the Windows partition.
console# mount /dev/vda4 /mntNavigate to the Windows SAM registry directory.
console# cd /mnt/Windows/System32/config/
Reset the Administrator Password with chntpw
Launch
chntpwin interactive mode.console# chntpw -i SAMOutput:
chntpw version 1.00 140201, (c) Petter N Hagen ... <>=======<> chntpw Main Interactive Menu <>=======<> Loaded hives: <SAM> 1 - Edit user data and passwords 2 - List groups - - - 9 - Registry editor, now with full write support! q - Quit (you will be asked if there is something to save) What to do? [1] ->At the main menu, enter
1and press Enter to edit user data and passwords.When the list of users appears, find the Administrator account.
==== chntpw Edit User Info & Passwords ==== | RID | ------- Username ---- | Admin? |- Lock? --| | 01f4 | Administrator | ADMIN | | | 01f7 | DefaultAccount | | dis/lock | | 01f5 | Guest | | dis/lock | | 01f8 | WDAGUtilityAccount | | dis/lock | Please enter user number (RID) or 0 to exit: [1f4] _Enter the RID of the Administrator (In this case, 01f4) and press Enter.
At the User Edit Menu, enter 1 to clear the password:
============= USER EDIT ============= RID : 0500 [01f4] Username : Administrator ... 00000220 = Administrators (which has 1 members) ... Total login count: 4 - - - User Edit Menu: 1 - Clear (blank) user password 2 - Unlock and enable user account [seems unlocked already] 3 - Promote user (make user an administrator) 4 - Add user to a group 5 - Remove user from a group q - Quit editing user, back to user select Select: [q] > 1Output:
Password cleared!Press
qtwice to exit back to the main prompt.When prompted to save changes, enter Y.
Hives that have changed: # Name 0 <SAM> Write hive files? (y/n) [n] : yThis confirms and writes the updated SAM database to disk, saving the cleared Administrator password.
Unmount and Reboot the Instance
Return to the root directory.
console# cd /Unmount the Windows partition.
console# umount /dev/vda4Go back to the Custom ISO section under Settings in the Vultr Console.
Click Remove ISO to detach the rescue image and reboot the instance.
Set a New Administrator Password
- Once the system boots and logs in, open the Start menu and go to Settings.
- Navigate to the Sign-in options under Accounts.
- Click Password, then Add.
- Set a new password and confirm it.
- Click Finish to apply the changes.
This ensures that your Administrator account is secured and accessible both via console and remote connections like RDP.
Conclusion
You have successfully reset the root or administrator password on your server using SystemRescue ISO or Single User Mode. Whether on Linux, BSD, or Windows, you restored administrative access without reinstalling the operating system or losing data. By following each platform-specific procedure, you ensured secure access to your Vultr instance and maintained system integrity.