My Environment (/my-lab) VMWare, PowerCLI (/vmware)

Microsoft, Azure, PowerShell (/Microsoft) About Me (/about)

Virtual Geek (/)

Tales from real IT system administrators world and non-production environment

Resolved: Reset Esxi forgotten root password using hiren bootCD

step by step (/entries/esxi-installation-and-con guration/resolved-
reset-esxi-forgotten-root-password-using-hiren-bootcd-step-by-
step)
March 31, 2018 09:24PM

Reset forgotten ESXi root password on Domain joined Esxi using vSphere web client and Powercli (http://vcloud-
lab.com/entries/esxi-installation-and-con guration/reset-forgotten-esxi-root-password-on-domain-joined-esxi-using-
vsphere-web-client-and-powercli)
Reset ESXi root password using Host Pro les on vCenter server: VMWare vSphere Web client (http://vcloud-
lab.com/entries/vcenter-server/reset-esxi-root-password-using-vcenter-server-vmware-vsphere-web-client)

This is third part of the above related articles reset forgotten root password on esxi and there is a disclaimer Use this
procedure on your own risk because method mentioned here is unsupported by VMware and uno cial. Before
making any changes to Esxi make sure you have taken complete Esxi server con guration backup. Also to reset esxi
root password using o ine ISO, you will require reboot so make sure you plan and put Esxi server into maintenance
mode, this will ensure no VMs are running on subjected Esxi host and it is good for activities. This document I
created for my colleague who are windows administrator and bit hesitant on using Linux command to make
changes, 80% changes are made using Linux user interface.
For this demo, I have downloaded hiren boot cd from url location http://www.hirensbootcd.org/download/. I mostly
use either Dell or HP server, and use DRAC and ILO respectively for remote console. Once ISO is mounted on ILO or
DRAC of server, Reboot esxi and go to BIOS and change BOOT option to CD-ROM, Exit with saving changes, One
more time server is rebooted and ISO boot is loaded.

(/ les/images/vmware-vsphere-esxi-physical-server-bios-basic-input-output-phoenixBios-set-boot-cd-rom-drive-
reset-esxi-server-root-password.png)

Once server is booted from bootable Hiren's BootCD, Select 3rd option from the  list >> Linux based rescue
environment (Parted Magic), and hit enter to start live CD OS.
(/ les/images/vmware-vsphere-esxi-hiren-bootcd-iso-16.2-grub2dos-boot-from-iso-linux-based-rescue-environment-
%28Parted-Magic%29-reset-password-esxi.png)

Next hit enter on Start (Options: Language us). This will start loading OS from CD.

(/ les/images/reset-esxi-root-password-hiren-bootcd-start-options-grub2dos-password-reset-root-esxi-vmware-
vsphere-esxi-uno cial-unsupported.png)

Once OS is loaded, There is Partition Editor software icon on the desktop, double click it, this loads Gparted utility.
Here in the partition lists Esxi con guration is stored on physical hard disk partition /dev/sda5 and /dev/sda6. As Esxi
maintains con guration backup, For Esxi 6.5 sda5 partition contains backup of esxi con guration les/folders, and
Sda6 has current con guration les and folders.
(/ les/images/vmware-vsphere-esxi-reset-6.5-root-password-dev-sda5.-hiren-bootcd-fat-16-partition-mount-using-
bootable-ubuntu-CD-dvd-reset-any-password-o ine.png)

I am going to mount both the drive one by one rst I am going to show it for Sda5 then same con guration need to
be done on sda6 as well. First right click on /dev/sda5 and click Mount, then select the mount location to /dev/sda5.

(/ les/images/vmware-vsphere-esxi-reset-root-password-using-hiren-boot-cd-isouno cial-partition-editor-dev-sda-
dvice-mount-mdeia-mnt-Gparted-utility.png)
Once Esxi partition is mounted successfully, open File Manager icon on desktop twice and on rst le manger
navigate to sda5 250M/media/sda5 and on other le manager go to folder location /tmp. Locate le name state.tgz
from folder path /media/sda5, copy it and paste it under /tmp folder.

(/ les/images/vmware-vsphere-esxi-bootable-hiren-bootcd-ubuntu-reset-root-password- lemanager-esxi-state.tgz-
tar- le-media-sda-tmp-copy- le.png)

Once le is copied, under /tmp, either double click state.tgz or right click it go to context menu Open>> Extract. This
untar/unzip data under state folder.
(/ les/images/copy-state.tgz- le-extract-tar- le-esxi-6.5-reset-root-password-vmware-vsphere-command-line-using-
hiren-bootcd-bootable-uno cial-unsupported-risk.png)

There is a untarred local.tgz le under folder /tmp/state now. Double click local.tgz or in the context menu right click,
Open then extract it, to the local folder, inside local folder there is etc folder.
(/ les/images/vmware-vsphere-esxi-state-tgz-local-tgz-con guration-copy-esxi-root-password-con guration-reset-
esxi-6.5-root-password.png)

Go to the path /tmp/state/local/etc. Find shadow le inside, right click and open it with Text Editor as shown.
(/ les/images/vmware-vsphere-esxi-reset-root-administrator-password-extract-local.tgz-state.tgz-Shadow- le-
passwd-reset-root-uno cial-unsupported.png)

Passwords are registered under shadow le, Remove the hash info, this is encoded password (This almost
impossible to break or decrypt dcode this password). Removing this code means root password is made empty or
blank. Save this le.
(/ les/images/vmware-vsphere-esxi-reset-change-root-password-using-shadow- le-passwd.-esxi-rroot-reset-using-
iso- le-of-hiren-bootable-root-entry-grep-vpxuser-daemon-dcui-nobody.png)

Next open RoxTerm from taskbar, this is similar to putty or Terminal command tool. Type command cd
/tmp/state/local. This location has the esxi con guration  les and modi ed shadow folder with blanked root
password inside etc folder. Tar the etc folder using tar -czf local.tgz etc and next run next command tar -czf state.tgz
local.tgz, to make ready state.tgz.

As you can see when I list the directory. I see local.tgz and state.tgz already present, because I tested it before hand,
running tar command again update both tgz le. No need to rerun tar command again and again, this is just for
demo purpose.

(/ les/images/vmware-vsphere-

esxi-reset-forgotten-esxi-password-using-iso-roxterm-putty-hiren-boot-cd-state.tgz-local.tgz-change-direcotyr-temp-
state-local-tar-czf-tgz- le.png)
Here I am copying processed state.tgz le from /tmp/state/local to /media/sda5 ESXi server, this will show message
of overwrite, as le already exist. Go ahead with the same and replace it.

(/ les/images/vmware-esxi-reset-forgotten-password-o ine-vsphere-vmware-esxi-state.tgz-local.tgz-overwrite-
state.tgz-etc- le-and-passwd- le.png)

Next on GParted partition editor,  right click sda5 device (it shows a lock means it is mounted) and click unmount.
(/ les/images/reset-esxi-forgotten-root-password-using-hiren-boot-cd-Ui-dev-sda5-sda6-fat-16-root-password-
changed-unmount-media-manage- ags-o ine-password-reset-administrator.png)

Next Do the same for /dev/sda6 partition, mount it, copy state.tgz, untar, and under local/etc folder local shadow le
and make necessary changes to root user by removing hashed encoded password string. You can also perform this
trick completely using command line on RoxTerm  as below.

# This mounts the sda6 partition

mount /dev/sda6  /mnt

# Change directory location to /mnt

cd /mnt

# Copy le state.tgz to /tmp folder

cp state.tgz /tmp

# Change directory location to /tmp 

cd /tmp

# Untar state.tgz le
tar -xzf state.tgz

# Untar local.tgz le
tar -xzf local.tgz
# Change directory location to etc
cd etc

# Edit shadow le using vi editor, Press i to start editing, once password hash is removed, press esc button and save
it with :wq.
vi shadow

# Tar (update) etc folder into local.tgz 

tar -czf local.tgz etc

# Tar (update) local.tgz folder into state.tgz

tar -czf state.tgz local.tgz

# Copy new state.tgz to /mnt/ on esxi server

cp state.tgz /mnt/

# Unmount partition /mnt and reboot.

unmount /mnt
reboot

Before rebooting esxi server make sure you unmount Hiren's ISO le from remote console and change BIOS to boot
from hard disk. Once server is restarted and Esxi OS is loaded. After pressing F2, I am able to login with empty blank
root password.
(/ les/images/vmware-vsphere-esxi-empty-dcui-password-no-password-authentication-required- nd-password-
reset-password-log-in-name-hiren-boot-cd.png)

Once logged onto Esxi successfully change the password under Con gure Password. As you can see Old Password is
in grayed out in color means there is no password set, it is empty. Change it with new password.
(/ les/images/vmware-esxi-con gure-root-password-without-knowing-change-root-password-unknown-password-
no-passoword-change-esxi-root-o ine-password-hiren-boot-cd.png)

Useful articles
PART 1 : INSTALLING ESXI ON VMWARE WORKSTATION HOME LAB (http://vcloud-lab.com/entries/general/installing-
esxi-on-vmware-workstation-home-lab)
Reset/Restart HP ILO (Integrated Lights-outs) using putty (http://vcloud-lab.com/entries/windows-2016-server-
r2/reset-restart-hp-ilo-integrated-lights-outs--using-putty)
Reset HP ILO password from Esxi server (http://vcloud-lab.com/entries/esxi-installation-and-con guration/reset-hp-
ilo-password-from-esxi-server)
PART 3 : MY VSPHERE LAB CONFIGURATION ON VMWARE WORKSTATION (http://vcloud-
lab.com/entries/general/part-3-my-vsphere-lab-con guration-on-vmware-workstation-)

Go Back

0 comments (/entries/esxi-installation-and-con guration/resolved-reset-esxi-forgotten-root-password-using-hiren-

bootcd-step-by-step#comments)
 Posted in ESXi Installation and con guration (/entries/esxi-installation-and-con guration)
  Tags esxi (/tags/entries/esxi) vmware (/tags/entries/vmware) vsphere (/tags/entries/vsphere) vcenter
(/tags/entries/vcenter) esxi con guration (/tags/entries/esxi-con guration)
 Share
 Subscribe (http://vcloud-lab.com/entries/esxi-installation-and-con guration/resolved-reset-esxi-forgotten-
root-password-using-hiren-bootcd-step-by-step.atom)
 Digg (http://digg.com/submit?url=http://vcloud-lab.com/entries/esxi-installation-and-con guration/resolved-
reset-esxi-forgotten-root-password-using-hiren-bootcd-step-by-step&title=Resolved: Reset Esxi forgotten root
password using hiren bootCD step by step)
 Reddit (http://reddit.com/submit?url=http://vcloud-lab.com/entries/esxi-installation-and-
con guration/resolved-reset-esxi-forgotten-root-password-using-hiren-bootcd-step-by-step&title=Resolved: Reset
Esxi forgotten root password using hiren bootCD step by step)
 Delicious (https://secure.del.icio.us/login?url=http://vcloud-lab.com/entries/esxi-installation-and-
con guration/resolved-reset-esxi-forgotten-root-password-using-hiren-bootcd-step-by-step&title=Resolved: Reset
Esxi forgotten root password using hiren bootCD step by step)
 Stumbleupon (http://www.stumbleupon.com/submit?url=http://vcloud-lab.com/entries/esxi-installation-and-
con guration/resolved-reset-esxi-forgotten-root-password-using-hiren-bootcd-step-by-step&title=Resolved: Reset
Esxi forgotten root password using hiren bootCD step by step)
 Google bookmark (http://www.google.com/bookmarks/mark?op=edit&bkmk=http://vcloud-
lab.com/entries/esxi-installation-and-con guration/resolved-reset-esxi-forgotten-root-password-using-hiren-
bootcd-step-by-step&title=Resolved: Reset Esxi forgotten root password using hiren bootCD step by step)
 Facebook (http://www.facebook.com/sharer.php?u=http://vcloud-lab.com/entries/esxi-installation-and-
con guration/resolved-reset-esxi-forgotten-root-password-using-hiren-bootcd-step-by-step&t=Resolved: Reset
Esxi forgotten root password using hiren bootCD step by step)
 Twitter (http://twitter.com/home?status=Check+out+http://vcloud-lab.com/entries/esxi-installation-and-
con guration/resolved-reset-esxi-forgotten-root-password-using-hiren-bootcd-step-by-step)

Comment
Name:

E-mail:

Website:

Comment:
 I'm not a robot
reCAPTCHA
Privacy - Terms

Submit

BLOG SEARCH

Search

PAGE VIEWS
2505514

SUBSCRIBE TO OUR EMAIL NEWSLETTER & RECEIVE UPDATES RIGHT IN YOUR INBOX (550+ USERS).

Enter your email address :)

SUBSCRIBE NOW !
 ARCHIVE
May 2019 (/entries/2019/5) (5)
April 2019 (/entries/2019/4) (11)
March 2019 (/entries/2019/3) (5)
February 2019 (/entries/2019/2) (2)
December 2018 (/entries/2018/12) (1)
September 2018 (/entries/2018/9) (4)
July 2018 (/entries/2018/7) (3)
June 2018 (/entries/2018/6) (7)
May 2018 (/entries/2018/5) (12)
April 2018 (/entries/2018/4) (9)

Show all...

COMMENTS
Advertise Here Advertise Here
ichayan
How to replace default vCenter VMCA certi cate with Microsoft CA signed
certi cate (/entries/vcenter-server/How-to-replace-default-vCenter-VMCA-
certi cate-with-Microsoft-CA-signed-certi cate)
May 8, 2019 02:55PM

Kunal (http://vcloud-lab.com)
PowerShell remoting over HTTPS using self-signed SSL certi cate (/entries/powershell/powershell-remoting-over-
https-using-self-signed-ssl-certi cate)
May 3, 2019 09:54AM

Roman Mazi (http://vcloud-lab.com/entries/powershell/powershell-remoting-over-https-using-self-signed-ssl-

certi cate)
PowerShell remoting over HTTPS using self-signed SSL certi cate (/entries/powershell/powershell-remoting-over-
https-using-self-signed-ssl-certi cate)
May 2, 2019 03:22AM

Kunal (http://vcloud-lab.com)
How to replace default vCenter VMCA certi cate with Microsoft CA signed certi cate (/entries/vcenter-server/How-to-
replace-default-vCenter-VMCA-certi cate-with-Microsoft-CA-signed-certi cate)
April 29, 2019 10:15PM

ichayan
How to replace default vCenter VMCA certi cate with Microsoft CA signed certi cate (/entries/vcenter-server/How-to-
replace-default-vCenter-VMCA-certi cate-with-Microsoft-CA-signed-certi cate)
April 29, 2019 04:17PM

Follow me on Blogarama (http://www.blogarama.com/software-blogs/1234882-blog/)

Disclaimer: All the steps and scripts shown in my posts are tested on non-production servers rst. All the scripts
provided on my blogs are comes without any warranty, The entire risk and impacts arising out of the use or
performance of the sample scripts and documentation remains with you. Author is not liable for any damages
whatsoever arising out of the use of or inability to use the sample scripts or documentation.
Warning: Everything I say and do in these blogs or videos are subject to mistake and criticism. please do everything
in your power to correct me if I saying or doing something wrong, or inform me of what I could be doing better. I am
a man made out of my environment, and you are the ones creating who I am. Please don't let me fall to stupidity or
ignorance, I expect the absolute best in each and every one of you and I hope you expect the same of me. Thank
you.
Usage of cookies: In order to optimize the website and for continuous improvement vcloud-lab.com uses cookies.
You agree to the usage of cookies when you continue using this site.

© 2016 - 2020 vcloud-lab.com