Help Center/ Elastic Cloud Server/ FAQs/ Password and Key Pair/ Why Does Login to My ECS Using the Reset Password Fail?
Updated on 2025-01-10 GMT+08:00
View PDF
Share

Why Does Login to My ECS Using the Reset Password Fail?

Scenarios

You cannot use the new password that you set to log in to the ECS.

Ensure that the one-click password reset plug-in is not blocked by security software. Otherwise, the one-click password reset function is unavailable.

After the password is reset, you must restart the ECS for the new password to take effect.

Windows

Perform the following operations to locate the fault:

  1. Check whether port 80 in the outbound direction of the security group is permitted.

    1. Log in to the management console.
    2. Select the target ECS to switch to the page that provides details about the ECS.
    3. On the Security Groups tab, check whether the outbound rule allows access from port 80.

      In the default security group rule, all ports are allowed in the outbound direction.

      Figure 1 All ports allowed in the outbound direction

  2. Check whether DHCP is enabled in the VPC of the ECS.

    1. On the ECS details page, click the VPC name to navigate to the VPC console.
    2. In the VPC list, click the VPC name.
    3. In the Networking Components area, click the number in the Subnets row to go to the Subnets page.
    4. In the subnet list, click the subnet name to view its details.
    5. In the Gateway and DNS Information area, check whether DHCP is enabled.

  3. If both the security group and DHCP are properly configured but one-click password reset fails to take effect, use the original password to log in to the ECS.

  4. Check whether the password reset plug-in CloudResetPwdAgent has been installed on the ECS. To do so, perform the following operations:

    Start the Task Manager and check whether cloudResetPwdAgent is displayed on the Services tab. As shown in the Figure 2, the password reset plug-in has been installed on the ECS. If no, the one-click password reset plug-in has not been installed on the ECS.

    For details, see Installing the One-Click Password Reset Plug-in on an ECS.

    Figure 2 Successful plug-in installation

Linux

Perform the following operations to locate the fault:

  1. Check whether port 80 in the outbound direction of the security group is permitted.

    1. Log in to the management console.
    2. Select the target ECS to switch to the page that provides details about the ECS.
    3. On the Security Groups tab, check whether the outbound rule allows access from port 80.

      In the default security group rule, all ports are allowed in the outbound direction.

      Figure 3 All ports allowed in the outbound direction

  2. Check whether DHCP is enabled in the VPC of the ECS.

    1. On the ECS details page, click the VPC name to navigate to the VPC console.
    2. In the VPC list, click the VPC name.
    3. In the Networking Components area, click the number in the Subnets row to go to the Subnets page.
    4. In the subnet list, click the subnet name to view its details.
    5. In the Gateway and DNS Information area, check whether DHCP is enabled.

  3. If both the security group and DHCP are properly configured but one-click password reset fails to take effect, use the original password to log in to the ECS.

    • If the original password is invalid, enter the single-user mode and reset the password.

      For details, see How Do I Reset the Password for User root in Single-User Mode on a Linux ECS?

    • If the original password can be used, perform the following operations for further check:
      1. Use the original password to log in to the ECS.
      2. Run the curl http://169.254.169.254/openstack/latest/resetpwd_flag command to check whether the one-click password reset function is available.
        • If the returned value is true, the password can be reset with a few clicks.
        • If any other value is returned, the password cannot be reset.

  4. Check whether CloudResetPwdAgent has been installed.

    1. Check whether the CloudrResetPwdAgent directory is available in the root directory on the ECS.
    2. Run the following command to check the CloudResetPwdAgent status:

      service cloudResetPwdAgent status

      If the command output is "unrecognized service", the one-click password reset plug-in has not been installed on the ECS.

      For details, see Installing the One-Click Password Reset Plug-in on an ECS.

Parent topic: Password and Key Pair