Appliance (OS) root password expired

I’m in the process of upgrading my lab vCenter appliances to 6.7 U3a, part of the process is to run a pre-upgrade check, the result of which gave me the following warning.

So how do I change the root password?

I am still able to login to the Appliance web portal via https://FQDN-or-IP:5480 for example https://vcenter1.lab.local:5480 however there is no longer an option to change the root password from there.

Change VCSA Root Password The Steps

If you do not have SSH enabled on your vCenter appliance then login to the web portal and go to the Access page and click ‘Edit’ in the top right corner.

From there check to enable the SSH login.

Once you have SSH enabled go ahead and login to the VCSA via SSH.
Then type shell
Then type in the new root password hit return type it again hit return and the password will be reset.

Last login: Thu Nov 21 15:44:24 2019 from
Connected to service

    * List APIs: "help api list"
    * List Plugins: "help pi list"
    * Launch BASH: "shell"

Command> shell
Shell access is granted to root
root@vCenter2 [ ~ ]# passwd
New password: 
Retype new password: 
passwd: password updated successfully
root@vCenter2 [ ~ ]# 

You can verify that the password has been changed by typing.
chage -l root

root@vCenter2 [ ~ ]# chage -l root
Last password change                                    : Nov 21, 2019
Password expires                                        : Feb 19, 2020
Password inactive                                       : never
Account expires                                         : never
Minimum number of days between password change          : 0
Maximum number of days between password change          : 90
Number of days of warning before password expires       : 7
root@vCenter2 [ ~ ]# 

If you do not know the root password or you are unable to login with it then follow the VMware KB Here are the details as per the KB article.

The basic steps are.

  1. Take a snapshot or backup of the vCenter Server Appliance before proceeding. Do not skip this step.
  2. Reboot the vCenter Server Appliance
  3. After the VCSA Photon OS starts, press e key to enter the GNU GRUB Edit Menu.
  4. Locate the line that begins with the word Linux.
  5. Append these entries to the end of the line:
rw init=/bin/bash

The line should look like the following screenshot:

  1. Press F10 to continue booting.
  2. Run the command  mount -o remount,rw / 
  3. In the Command prompt, enter the command passwd and provide a new root password (twice for confirmation):
  1. Unmount the filesystem by running this command:
umount /
  1. Reboot the vCenter Server Appliance by running this command:
reboot -f
  1. Confirm that you can access the vCenter Server Appliance using the new root password.
  2. Remove the snapshot taken in Step 1 if applicable.

Leave a Reply

Your email address will not be published. Required fields are marked *