Resetting XCP-ng lost root password

I need to reset my XCP-ng host root password. Not sure how but I set it something completely non-standard and have now forgotten it. I have tried every password I can think of. I scoured my password manager database - embarrassing lack of information there.

Lesson learnt: (note to self) put the hypervisor root password in the password manager stupid.

How to fix this?

Options:

  1. Find the XCP-ng Center configuration where the password must be…
    I spent time looking for where XCP-ng Center stores the configured hosts data, as it knows the password and it can reboot the host just fine. A long search on the desktop where XCP-ng center is installed and nothing found by searching the registry. Nothing found relating to the configured host looking all over the filesystem. Issue not helped by my naming the host xcp-ng.

  2. Look for a password reset procedure. Citrix to post such a document
    Resetting Lost Root Password in XenServer 7.0
    This does not exactly match my xcp-ng 8.0.0 install, but the grub boot entry is very similar and I tried changing “ro” for “rw init=/sysroot/bin/sh” and booting. I did not get “Emergency mode” so I can set the root password.

So - has anyone had to reset their XCP-ng root password? How did you do it?

Thanks for any help in advance. Fortunately, I can wait and not do anything rash as everything is still working ok, except I presumably cannot upgrade or change system settings.

Thanks,

I found a tantalising post on the xcp-ng.org forum:
Reset Root Password Procedure

Basically the idea is to boot to “safe mode”, then update the password as with the Citrix process…

However, when I select “XCP-NG Safe Mode” in the grub boot menu, I get to the usual screen and no command prompt. Argh!

An ideas very welcome.

I have never had to do this on an XCP-NG system, but following the " Reset Lost Root Password Using Live CD" process might work.

1 Like

Thanks Tom. Your steer was enough! :smiley:

I tried downloading UIbuntu live CD, but found it confusing to download an installer, boot from it to create a live CD… perhaps the server ISO was a mistake and desktop iso would allow live boot. Taking a hint from your endless recommendations I tried Debian and it worked fine first time. I recommend Debian Live ISO to anyone who later follows this path - below is a summary of my steps, all of which came from the recommended page from Tom (above).

  1. Download Debian Live am64 standard ISO, and create a bootable USB memory stick with belana Etcher. Use a USB memory stick which is ordinary so the BIOS will access it. Hint - not USB3 :wink:
  2. Boot from USB stick: Dell t410 +F11 at boot → UEFI boot menu, select memory stick…
  3. From boot menu, choose Live boot, at linux prompt …
  4. sudo su - to switch to root user, prompt changes
  5. fdisk -l to list partitions. Find the one which is the boot drive (I found my by size) and look for the sd[abc][0-9] that is a good size, probably the system partition. This is THE critical thing to get right
  6. mkdir /mnt/recover to attach the system partition to.
  7. mount /dev/sd[abc][0-9] /mnt/recover to attach the system partition
  8. chroot /mnt/recover to swtich to the mounted system partition. The prompt changes?
  9. passwd root, and enter the new password and confirm
  10. exit
  11. umount /mnt/recover
  12. exit
  13. sudo reboot now, and remove the USB stick

The system reboots, and log in with the new password.

  1. Record the password in your password manager, stupid.

Thank you Tom. I owe you (again). The generosity of your time and experience is what makes your channel really worthwhile watching, and I am sure your customers in the US loyal and long term.

Best regards from the UK.

Hi @greeners.

I Have the exact same issue, and downloaded several linux livecd’s (seem to have issues getting the debian one to boot on my NUC) but all with the same result. Chrooting fails with the /bin/bash no such file or directory error. Am I missing something here? Even tried recreating /bin/bash dir. Can’t wait to be able to get to step 15.

Hi @spieters,

Sorry to see someone else in the same jam. I’m no expert, so perhaps other forum member can offer insights too.

Did you get Debian live ISO to boot? I have had problems with booting from ISOs, UEFI can be tricky with secure boot disks, and I have had to resort back to BIOS mode booting or disbaling (signed) secure boot disks. In my case UEFI with secure boot off allowed the USB stick to boot when I found a USB stick that was old enough and generic enough to be readable.

The mount step to attach your system partition onto /mnt/recover step is vitally important to choose the right disk to mount. I have 6 drives in my Dell T410, so for a while I was a guessing which to mount. I knew my VM data drives were 1TB with an exception where the boot drive was 300GB, so I could choose based on the size. Look for a way to confirm that you have the right partition?

It is difficult for you to post the screen output, but it would help [people perhaps more experienced than I] spot a clue or mistake.

Thanks for the quick reply! I was able to get Debian working too, and recognizing the boot partition was pretty easy too. Unfortunately still same issue, also tried mounting additional things I read on a fedora site to no avail. Just gave up and reinstalled both hosts, here’s to a fun weekend of rebuilding Windows VM’s I guess.

May not be the way I preferred, but I did get to step 15 now!

Hi,
After a lot of failed attempts, I would l like to ask for a little help. We inherited an XCP-ng setup. 2 HPE Gen10 servers, running important services. Nobody knows the root pass.
We were able to reset the other two (HPE Gen7). I was able to update to XCP-ng 8.2.

We tried to change the Grub (the same way with the older servers). It boots into single user mode, but I can’t type in anything. It looks like the keyboard input is frozen. (Not hardware issue, we tried with different KVMs and keyboards)

We also used the XCP-ng install drive to boot and select shell. I found the biggest partition, but it I couldn’t mount it as rw, just read-only.
Any suggestion?

Thank you!

https://support.citrix.com/article/CTX116019

@hunor I hope Tom’s reply with the link to Citrix documentation helps. I am no expert and posted my experience hoping that would help anyone. The keyboard not working is quite odd - is it server hardware, or desktop hardware? My host was server hardware, but it behaved for me when I booted with Debian live. As you seemed to try I too would try several USB or even PS2 keyboards.

Perhaps you can post your findings, successes or failures would be helpful.

Thank you for the answers. We tried the Citrix article. Maybe I am not experienced enough in Linux.
I guess the XCP-ng install drive can act as “other os to boot from”.
I find the boot volume but I wasn’t able to mount it with rw permissions.

Sadly the server (HPE Gen10) doesn’t have PS2 port. Weirdly I can’t type over iLo too.

Perhaps when you get a live linux running you can run the ‘fdisk -l’ as root user (in my step #5 above) and post a picture (smartphones are great) here, which we can read?

For me the whole thing hinged on selecting the correct boot volume.