Reset Forgotten Root Password on VMware ESXi 5 and ESXi 4

August 10, 2013 updated by Admin Leave a reply »

Forgot your VMware ESXi Server root password? Try to log on to your ESXi server but for some reason your root password isn’t working anymore? Here we’ll show you a way to reset forgotten root password on VMware ESXi 5 and ESXi 4. But this trick is not officially supported by VMware, so do it on your own risk.

How to Reset Forgotten Root Password on VMware ESXi 5 and ESXi 4?

  1. First of all, you need to boot your ESXi server with a Linux live CD. I prefer GRML, but any live CD will do. Of course, you can also boot from a USB stick.
  2. Find the partition containing a file named “state.tgz”. For my installation, it was on a VFAT filesystem labelled “Hypervisor3”, which is accessible in GRML at “/mnt/Hypervisor3”. You might need to mount it manually with the command

    mount /mnt/Hypervisor3

  3. Unpack the “state.tgz” file somewhere. It contains exactly one file, which is another archive named “local.tgz”.

    cd /tmp
    tar xzf /mnt/Hypervisor3/state.tgz

  4. Unpack the “local.tgz”, and find an “etc” directory containing several configuration files.

    tar xzf local.tgz

  5. Edit the file etc/shadow to change the password.

    vi etc/shadow

    Probably the easiest way is to replace the line starting with “root” with the line of another user account of which you know the password. You only need to change the name at the beginning of the line (before the first colon) to “root”. You’ve then set the root password to a password you know.

    Alternatively, you can just remove the hash altogether (everything between the first and the second colon) and login to the service console as root with no password at all.

    vmware-esxi-password

  6. Re-pack the files and move the modified state.tgz back to the VFAT partition. Probably it is a good idea to make a backup copy of the original state.tgz in case something goes wrong:

    mv /mnt/Hypervisor3/state.tgz /mnt/Hypervisor3/state.tgz.bak
    rm local.tgz
    tar czf local.tgz etc
    tar czf state.tgz local.tgz
    mv state.tgz /mnt/Hypervisor3/

  7. Reboot back into ESXi and you’re done.