There is no default root password in VMware ESXi, so when you log in ESXi, you are required to enter your IP address, root name and password first. You’d better write down your root password to cope with the following scenarios:
- Upgrade VMware ESXi.
- vCenter goes haywire and is inaccessible and requires the local root account remains for authentication.
If you forget your password and don’t want to reinstall your ESXi hosts, what should you do? Remember to take a backup or snapshot before you start again to avoid data loss due to the risk of operation.
Reset VMware root password by editing the “shadow” file
If it’s not available for you to use vCenter to reset your password, you can try another method: use a Live Linux CD/DVD/USB to reset VMware root password. ESXi saves the root password encrypted in a password file located in /etc/shadow . I will remove the password hash in located in 2 partitions in order to create a new password in the DCUI console.
- Download a live Linux CD/DVD, and I choose the Gparted LiveCD.
2. Burn a USB or CD/DVD with the Live CD/DVD and boot your host off it.
3. Locate the 2 partitions sized 249.98MB. The /dev/sda5 and /dev/sda6 are what we’re after assuming you installed ESXi on the first available hard drive/ssd. This could differ if, for example, you installed ESXi on a USB device or SD card. We will be editing the /dev/sda5 partition first followed by the /dev/sda6.
4. Open a terminal window and run the following commands in the exact order as listed.
- Run these commands to get to the shadow password file.
sudo su
mkdir /boot /temp
mount /dev/sda5 /boot
cd /boot
cp state.tgz /temp
cd /temp
tar -xf state.tgz
tar -xf local.tgz
rm *.tgz
cd etc
- Then use vi to edit the shadow password file.
Just move to the line starting with the root and delete the string between the first 2 colons. Use the Delete key. When done, enter :wq followed by Enter.
- Continue by running the following batch of commands.
cd ..
tar -cf local.tgz etc/
tar -cf state.tgz local.tgz
mv state.tgz /boot
umount /boot
reboot
Tips: Boot back into the Gparted Live media. We will be repeating steps 4 except we will be editing the /dev/sda6 partition rather than /dev/sda5. The only difference in this process is to change the command to mount the correct partition.
5. Remove the Gparted media and boot the ESXi host. Once the ESXi host has completed booting, log on as root from the DCUI console. You should be able to log in without typing in a password. Now you may reset a new password.
This method is not supported by VMware, but it works on various versions of ESXi. When resetting VMware root password, the most important thing is to make a VMware backup before performing this operation.
Summary
This article introduced how to reset VMware ESXi root password without reinstalling ESXi host, which saves a lot of time. When you are resetting ESXi root password, if your virtual machines do not have downtime, you should migrate your virtual machines, as well as backup VMware ESXi VMs.