Help Center/ Elastic Cloud Server/ FAQs/ Password and Key Pair FAQ/ Resetting the Password for Logging In to a Linux ECS Without the Password Reset Plug-in Installed
Updated on 2024-09-29 GMT+08:00

Resetting the Password for Logging In to a Linux ECS Without the Password Reset Plug-in Installed

Scenarios

If the password reset plug-in is not installed on a Linux ECS or a password reset does not take effect, you can reset the password following the instructions provided in this section.

This section describes how to reset the password of user root. After resetting the password, you can log in to the ECS, and change the private key or reset the password of a non-root user.

For details about the operations performed on Windows ECSs, see Resetting the Password for Logging In to a Windows ECS Without the Password Reset Plug-in Installed.

Prerequisites

  • A temporary Linux ECS is available. It is located in the same AZ and has the same CPU architecture as the target ECS.

    You can select an existing ECS or purchase a temporary ECS.

    After the password of the purchased ECS is reset, you are advised to delete the ECS to avoid additional billing.

  • You have bound an EIP to the temporary ECS.

Process Flow

Figure 1 Process flow of resetting a password

Procedure

  1. Download the script for resetting the password and upload the script to the temporary ECS.

    Download and decompress the password reset script. Use a connection tool, such as WinSCP, to upload the obtained changepasswd.sh script to the temporary ECS.

    To download WinSCP, log in at https://winscp.net/.

  2. Stop the original Linux ECS, detach the system disk from it, and attach the system disk to the temporary ECS.
    1. Log in to the management console.
    2. Click in the upper left corner and select your region and project.
    3. Click . Under Compute, click Elastic Cloud Server.
    4. Stop the original ECS, switch to the page providing details about the ECS, and click the Disks tab.

      Do not forcibly stop the original ECS. Otherwise, password reset may fail.

    5. Locate the row containing the system disk to be detached and click Detach to detach the system disk from the ECS.
  3. Attach the system disk to the temporary ECS.
    1. On the page providing details about the temporary ECS, click the Disks tab.
    2. Click Attach Disk. In the displayed dialog box, select the system disk detached in step 2.e and attach it to the temporary ECS.
  4. Log in to the temporary ECS remotely and reset the password.
    1. Locate the row containing the temporary ECS and click Remote Login in the Operation column.
    2. Run the following command to view the directory of the system disk detached from the original Linux ECS now attached to the temporary ECS:

      fdisk -l

      Figure 2 Viewing the directory of the system disk
    3. Run the following commands in the directory where the changepasswd.sh script is stored to run the script for resetting the password:

      chmod +x changepasswd.sh

      ./changepasswd.sh

      When you run the password reset script, if the system displays a message indicating that there is no command related to logical volume manager (LVM), such as the message "no lvs command", install an LVM tool on the temporary ECS. The LVM2 tool is recommended, which can be installed by running the yum install lvm2 command.

      If the original ECS and the temporary ECS both run CentOS 7, a mount failure may occur during script execution. To resolve this issue, replace mount $dev $mountPath with mount -o nouuid $dev $mountPath in the script.

    4. Enter the new password and the directory obtained in step 4.b as prompted.
      If the following information is displayed, the password has been changed:
      set password success.
  5. (Optional) Enable remote root login for non-root users.

    vi /etc/ssh/sshd_config

    Modify the following settings:

    • Change PasswordAuthentication no to PasswordAuthentication yes.

      Alternatively, uncomment PasswordAuthentication yes.

    • Change PermitRootLogin no to PermitRootLogin yes.

      Alternatively, uncomment PermitRootLogin yes.

    • Change the value of AllowUsers to root.

      Search for AllowUsers in the file. If AllowUsers is missing, add AllowUsers root at the end of the file.

  6. Stop the temporary ECS, detach the system disk, attach the system disk to the original Linux ECS, and restart the original Linux ECS.
    1. Stop the temporary ECS, switch to the page providing details about the ECS, and click the Disks tab.
    2. Click Detach to detach the data disk temporarily attached in step 3.
    3. On the page providing details about the original Linux ECS, click the Disks tab.
    4. Click Attach Disk. In the displayed dialog box, select the data disk detached in 6.b.
  7. Restart the original Linux ECS.