Resetting ESXi password

On a dedicated server or VPS, you may need to recover or change the root password for an ESXi host, especially if the password is forgotten or lost. In ESXi, the password is stored in an encrypted form in the shadow file, which resides on the system partition. This article provides a step-by-step guide on how to change the root password by working directly with the shadow file using a LiveCD image.

How to Change the Root Password on ESXi

The root password is stored in encrypted form in the shadow file. To change it, you need to work with the /dev/sda5 partition (the /bootbank partition), where the ESXi OS image and configuration are stored.

First, boot the server using any LiveCD image (for example, SystemRescueCD, Slax, GRML, or others).

List the partitions with the command:

fdisk -l

Locate the /dev/sda5 partition, which is approximately 250 MB in size. Create a mount point and mount the partition:

mount /dev/sda5 /mnt

Extract the contents of state.tgz and local.tgz into the temporary directory /tmp:

tar -xf /mnt/state.tgz -C /tmp/
tar -xf /tmp/local.tgz -C /tmp/

After extraction, you can remove the archives:

rm /tmp/*.tgz

A folder named etc containing the shadow file will appear in the temporary directory. Open it with any text editor, for example nano:

nano /tmp/etc/shadow

Delete the root user's password hash (the string between the first and second colons) and save the file:

Next, go to the /tmp directory and repack the shadow file into the archives in reverse order:

cd /tmp
tar -czf local.tgz etc
tar -czf state.tgz local.tgz

Move the new archive to the original ESXi image directory:

mv state.tgz /mnt/sda5/

Unmount the partition:

umount /mnt

Reboot the server:

reboot

During boot, ESXi will extract local.tgz and copy the configuration files (including shadow) to the /etc directory.

To set a new password, press F2, and without entering a password, just press Enter:

Select Configure Password from the menu and enter your new password: