It used to be the case that if you booted single user mode you would get a console prompt without having to login and you could just type passwd to change the password. However, I just tried, and on my system it does ask for a login even in single user mode. If single user mode is asking for a login, then you may have to boot with a bootable CDROM, mount the root partition in read-write mode mount -o remount,rw /dev/hda1 Then edit /etc/shadow to remove the password for root user. That is, everything past the first : until before the second : You may need to force the save in the editor, for example in vi save with :wq! or :x! As an aside to this, since it's still easy to change passwords and such, to do the inverse and increase security, here is an example using lilo instead of grub: Password protect the BIOS, this way BIOS boot configuration cannot be changed without entering BIOS password first. In BIOS settings, change the boot preferences to ONLY boot from the hard drive with the root partition, disable all other choices. In the lilo configuration, set the timeout to zero, use the keyword restricted, and use the password option in lilo. Change permissions on /etc/lilo.conf so that only root can view and modify. Use chattr +i /etc/lilo.conf for some extra protection. Run lilo to update. Now the system will not load anything without the BIOS password, and will boot immediately into the root partition on hard drive. It will not allow entering boot parameters, so no access to single user mode. It will not boot from any removable media like CDROM or floppy. But don't forget the BIOS password! -- Doug
