Raspbian root default password

Question

I tried to modify the sudoers file on Raspbian /etc/sudoers, and it looks like I made a mistake, as I'm unable to modify it again. I am also unable to call any command that requires sudo permissions. So I have done some research and I found a solution here.

The solution uses the command *pkexec visudo*, but when I tried that it gives me an error message: Authentication is needed to run '/usr/sbin/visudo' as the super user. Also there is a drop-down list, it contains only the word 'root' (and couldn't be changed). As well as named Identity and a blank text-box named Password.

So the question is how could I know the root password? I tried 'root', 'raspberry', 'admin' e.t.c... but nothing has worked.

According to the answers, it seems a little bit impossible to log in using root, then using pkexec visudo will not solve my problem! and according to the answer my only way is to use a linux pc in order to view my sd contents and modify the sudoers file. I've already installed Debian on my virtual machine, and Finally I can access the sudoers file but I have no permission to access it! it says that I'm not the owner of the file! I understand this security issue, but as many people during my online search suggests to use a linux pc to modify the sudoers file, then there should be a way to gain access to it. is there anyone know this way?

Answer 1

Raspbian by default is configured so that the root account can't be logged into using a password. This is done by starting with an entry in /etc/password which begins:

root:x:0:0:

The fields are separated by colons and explained in man 5 passwd (note the 5, since man passwd will give you the man page for the command passwd; section 5 is for configuration files, and in this case they have the same name). Here the first one is the name (root), the third and fourth are the numerical uid and gid (both 0), and the second is for the password. For most entries this will be x, indicating the actual password is in another file, /etc/shadow.

Note that "the actual password" is not really stored anywhere. What's stored in shadow is a one-way hash of the actual password. A one way hash is the result of a process which will always produce the same thing (allowing your password to be verified), but is irreversible. In other words, if someone gets their hands on shadow, there is no way to deduce the password from the hash. However, if they can modify shadow, obviously they can disable or change what will work as a password. But they will never be able to discover your passwords. This is why even root cannot do that (although root can always change them to something else without needing the original).

In root's case, the entry in shadow starts like this, as it does for most other system accounts:

root:*:

The * indicates there is currently no possible password which could be used for this account.

The root user can change this, however, using the passwd command to set a new password, which will replace the * with the hash mentioned earlier (these always begin $n$ where n is some random value that's used as the "salt" for the hash, but you don't need to understand that).

Anyway, when I set up a card from a fresh image the first thing I do is go into /etc/passwd and remove the x so root's entry now starts:

root::0:0

Notice there's now no second field. This means there's no password and all you have to do is type root at a login prompt and you are logged in as root. You can then use passwd to set one.

So, you have two choices here but they both require you take the card out of the pi and access the second partition from another system (that can read/write ext4 partitions).

1. Restore sudoers. If you have a reference image this is easy, you can just put it back the way it was by replacing it. Otherwise it is the more complicated option since you must know what you are doing (and your track record with sudoers is not so good...).

2. Edit /etc/passwd and remove that x as described above, put the card back in, log in as root, create a password. Of course, you'll still need to fix sudoers, but trial and error will be made easier since if you are really root, you will always be able to access it.

If you don't have a system that can access ext4 filesystems (a Debian "live CD" is a good choice here), then you're stuck. You'll have to reflash the card and start again.

Answer 2

To set a root password:

• Boot up and login normally.
• Run:sudo passwd root
• Type in the new password for root as prompted

Source: https://www.raspberrypi.org/forums/viewtopic.php?f=91&t=5056&start=25

Answer 3

Raspbian does NOT have a root password. It differs from Ubuntu in that respect. You can create a root password, but AFAIK that requires sudo.

The best bet is to edit the files by mounting the SD Card on a Linux machine.

This can be done on the Pi if 1. you have a SD Card reader 2. You use a good OS on another SD to boot the Pi.

Answer 4

The classic Unix solution would be to boot into single user mode, which means you are logged in as root and can then fix the necessary files without using su or sudo. A quick google for raspberry pi single user will reveal the instructions. This page is typical https://linux.tips/tutorials/how-to-boot-raspberry-pi-into-single-user-mode

You can configure Raspberry Pi to boot into single-user mode by editing the cmdline.txt using an external computer system. Single user mode on Raspberry Pi allows you the boot the system as user id 0 which the root user. Single user mode allows you to change forgotten user passwords and make other modification to correct your Raspberry Pi system with superuser permissions.

How to boot into single user mode?

Insert the card in your Windows/Mac SD card reader

Edit the file “cmdline.txt” and append “init=/bin/sh”

Insert the card back into the Raspberry Pi again and boot up

When prompt available, enter “su” to log as root (with no password)

That's it now you have successfully logged onto your Raspberry Pi into single user mode as root user without password, you can reset your passwords etc.

Answer 5

If you download Puppy Linux for Raspberry Pi from http://puppylinux.org/main/Download%20Latest%20Release.htm#quirky and install it on a thumbdrive then you should be able to boot your computer from that, and because Puppy always runs as root with no password you can change anything on the computer you wish. Make your modifications, then reboot the computer without the Puppy boot media. Now the computer will boot into your altered system without Puppy.

I'm a bit new to Raspberry Pi, so I don't know how to boot it from a different device (thumbdrive), but there's probably a way. Perhaps the Noobs system by holding down shift while booting.

I'll add a simple alternative to booting from a another drive: The Raspberry Pi could instead be booted from the Puppy installation on an SD card (or microSD card) and the original installation media could be read and altered from a card reader plugged into the same Raspberry Pi.