Troubleshooting VCSA Partition getting full
November 20, 2018
File-Based Backup and Restore – vCenter
November 18, 2023
Troubleshooting VCSA Partition getting full
November 20, 2018
File-Based Backup and Restore – vCenter
November 18, 2023

Reset ESXi root password without reinstall

When you forget the ESXi root password and locked yourself out and you contact VMware Support, the answer is gonna be “Reinstalling the ESXi host is the only supported way to reset a password on ESXi.” as mentioned on KB 1317898.

The reason is because of the complex architecture of ESXi. In ESX we had a service console which can be used to boot in single-user mode and reset the password via bash. In ESXi we do not have a service console.

In this blog post, I am gonna explain on how to reset the root password.
Note: The below process is unsupported by VMware. Try at your own risk.

The best option to reset the ESXi root password is to use the Host Profiles.
https://www.vmwareblog.org/forgot-esxi-root-password-no-problems-4-ways-reset/

Unfortunately, host profiles are available only in vSphere Enterprise Plus licensing. Hence, if you are using Standard License, the above method is not gonna work.

Reset VMware ESXi Root Password

I have an ESXi Server for which I do not have the root password.

Boot the ESXi using a Live CD. It can be a RedHat ISO or CentOS ISO or Gparted LiveCD. In my lab, I am using the Ubuntu LiveCD.

Launch GParted Partition Editor.

The actual hypervisor is located on the first 250 MB partition (/dev/sda5) which contains the state.tgz file. At some chances, the partition number would change.

Launch Terminal.

Run the below commands on the Terminal which would gain the root access.

sudo -s

Mount the /dev/sda5 partition.

mount /dev/sda5 /mnt
cd /mnt

You would see the state.tgz file.

ls

Copy the state.tgz to tmp directory. Extract the contents of the state.tgz and you would see another file named local.tgz.

cp state.tgz /tmp
cd /tmp
tar xzf state.tgz
ls

Extract the local.tgz file and your see a folder named etc.

tar xzf local.tgz
ls

In the etc directory, you would see a file named shadow which contains the hash of the ESXi root password.

cd etc
ls

Edit the shadows file.

vi shadow

Delete the password hash

Once the password hash is removed, save and exit.

Re-pack the files and copy the modified state.tgz file back to the ESXi system partition

cd ..
tar czf local.tgz etc
tar czf state.tgz local.tgz
cp state.tgz /mnt/
umount /mnt

Reboot back to the ESXi host

Keep the password field empty and hit Enter.

You would be able to login.
Once login, change the root password using the option Configure Password.

Done!! You have successfully reset the ESXi root password.

Related posts

January 8, 2024

Exporting and viewing LDIF from vCenter using SSH / JXplorer

Read more
December 9, 2023

SSH Key based authentication for vCenter using Putty

Read more
December 8, 2023

SSH Key based authentication for vCenter using Openssh

Read more

Leave a Reply

Your email address will not be published. Required fields are marked *