The ESXi password is stored in encrypted form in the shadow file. We need to change the root password in this file. Among all the partitions on the ESXi host we need only /dev/sda5 (/bootbank). This is the disk partition where the image and the OS configuration are stored.
First of all we need to boot into the server from any LiveCD image (SystemRescueCD, Slax, GRML and others)
Output the list of partitions with the command:
fdisk -l
You need a dev/sda5 partition of 250 MB. Create a mount point:
mount /dev/sda5 /mnt
Unpack the contents of file state.tgz and local.tgz into ``/tmp
tar -xf /mnt/state.tgz -C /tmp/
tar -xf /tmp/local.tgz -C /tmp/
The archive files can now be deleted:
rm /tmp/*.tgz
A directory etc with the file shadow will appear in a temporary directory. Open the file with any text editor (such as vi or nano):
nano /tmp/etc/shadow
Remove the hash of the root password (between the first and the second colon) and save changes to the file:
Now by going to the /tmp directory, you need to pack the shadow file in reverse order:
cd /tmp
tar -czf local.tgz etc
tar -czf state.tgz local.tgz
Move the new archive to the original directory with the ESXi image:
mv state.tgz /mnt/sda5/
Unmount the partition:
umount /mnt
You can now reboot:
reboot
When ESXi boots, it will unpack the local.tgz archive and copy the configuration files (including shadow) to the /etc directory. To set a password press F2, and without entering a password press Enter.
Select Configure Password and specify a new password.
