Help Center/ Elastic Cloud Server/ FAQs/ Password and Key Pair/ Failed to Log In to an ECS Using the New Password That Was Reset Offline
Updated on 2025-09-16 GMT+08:00
View PDF
Share

Failed to Log In to an ECS Using the New Password That Was Reset Offline

Scenarios

You cannot use the new password that you set offline to log in to the ECS.

Ensure that the one-click password reset plug-in is not blocked by security software. Otherwise, the offline password reset function is unavailable.

After the password is reset offline, you must restart the ECS for the new password to take effect.

Windows

Perform the following operations to locate the fault:

  1. Check whether port 80 in the outbound direction of the security group is permitted.

    1. Log in to the management console.
    2. Select the target ECS to switch to the page that provides details about the ECS.
    3. On the Security Groups tab, check whether the outbound rule allows access from port 80.

      In the default security group rule, all ports are allowed in the outbound direction.

      Figure 1 All ports allowed in the outbound direction

  2. Check whether DHCP is enabled in the VPC of the ECS.

    1. On the ECS details page, click the VPC name to navigate to the VPC console.
    2. In the VPC list, click the VPC name.
    3. In the Networking Components area, click the number in the Subnets row to go to the Subnets page.
    4. In the subnet list, click the subnet name to view its details.
    5. In the Gateway and DNS Information area, check whether DHCP is enabled.

  3. If both the security group and DHCP are properly configured but offline password reset fails to take effect, use the original password to log in to the ECS.

  4. Check whether the password reset plug-in CloudResetPwdAgent has been installed on the ECS. To do so, perform the following operations:

    Start the Task Manager and check whether cloudResetPwdAgent is displayed on the Services tab. As shown in the Figure 2, the password reset plug-in has been installed on the ECS. If no, the one-click password reset plug-in has not been installed on the ECS.

    For details, see Installing the One-Click Password Reset Plug-in on an ECS.

    Figure 2 Successful plug-in installation

Linux

Perform the following operations to locate the fault:

  1. Check whether port 80 in the outbound direction of the security group is permitted.

    1. Log in to the management console.
    2. Select the target ECS to switch to the page that provides details about the ECS.
    3. On the Security Groups tab, check whether the outbound rule allows access from port 80.

      In the default security group rule, all ports are allowed in the outbound direction.

      Figure 3 All ports allowed in the outbound direction

  2. Check whether DHCP is enabled in the VPC of the ECS.

    1. On the ECS details page, click the VPC name to navigate to the VPC console.
    2. In the VPC list, click the VPC name.
    3. In the Networking Components area, click the number in the Subnets row to go to the Subnets page.
    4. In the subnet list, click the subnet name to view its details.
    5. In the Gateway and DNS Information area, check whether DHCP is enabled.

  3. If both the security group and DHCP are properly configured but offline password reset fails to take effect, use the original password to log in to the ECS.

    • If the original password is invalid, enter single-user mode and reset the password.

      For details, see Resetting the Password for Logging In to an ECS in the OS.

    • If the original password can be used, perform the following operations for further check:
      1. Use the original password to log in to the ECS.
      2. Run the curl http://169.254.169.254/openstack/latest/resetpwd_flag command to check whether the one-click password reset function is available.
        • If the returned value is true, the password can be reset offline.
        • If any other value is returned, the password cannot be reset offline.

  4. Check whether CloudResetPwdAgent has been installed.

    1. Check whether the CloudrResetPwdAgent directory is available in the root directory on the ECS.
    2. Run the following command to check the CloudResetPwdAgent status:

      service cloudResetPwdAgent status

      If the command output is "unrecognized service", the one-click password reset plug-in has not been installed on the ECS.

      For details, see Installing the One-Click Password Reset Plug-in on an ECS.

Parent topic: Password and Key Pair