Reset the root password

Recover root access on a HolyCloud VPS: panel reset, rescue mode, chroot, and post-recovery best practices.

If you lost the root password or SSH key-only authentication is misconfigured, you must reset credentials without reinstalling the whole system. On a HolyCloud Linux VPS, the recommended method is the customer area; this guide also details rescue mode for advanced cases.

Prerequisites

  • Access to the HolyCloud customer area (VPS owner)
  • A recent backup or snapshot if you will manipulate disks in rescue mode
  • For the rescue method: a Rescue or Live CD image in the panel and console access (VNC/noVNC)
  • Note the VPS IP and schedule a maintenance window (a reboot is required)

Warning: Changing the root password does not fix a bad sshd configuration (key-only authentication, custom port). Keep an SSH session or the HolyCloud console open while you change SSH settings.

Step 1: reset from the customer area (recommended)

  1. Customer area → VPS → select the instance.
  2. Open the Password / Reset root password section (label varies).
  3. Generate or enter a strong password (20+ characters, letters, numbers, symbols).
  4. Confirm; the panel applies the change (sometimes after a short reboot).
  5. Connect:
ssh root@IP_DU_VPS

Change the password again if the panel displayed it in plain text:

passwd

Step 2: verify SSH still accepts passwords

If PasswordAuthentication is set to no in /etc/ssh/sshd_config, the new password alone will not let you log in over SSH. Check from the HolyCloud VNC console (no SSH needed):

sudo grep -E '^PasswordAuthentication|^PermitRootLogin' /etc/ssh/sshd_config

Temporarily (console only):

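# Overwrite the active directive, or uncomment it if it was commented out
sudo sed -i 's/^PasswordAuthentication.*/PasswordAuthentication yes/' /etc/ssh/sshd_config
sudo sed -i 's/^#PasswordAuthentication.*/PasswordAuthentication yes/' /etc/ssh/sshd_config
# Validate the configuration before reloading, so a typo cannot take sshd down
sudo sshd -t && sudo systemctl reload ssh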

Reconnect over SSH, deploy an SSH key, then harden again (see "Secure SSH").
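
The grep in Step 2 reads only the main file, but sshd keeps the first value it reads for each keyword and expands Include lines in place, so a drop-in under /etc/ssh/sshd_config.d can silently win over the line you just edited. The helper below is an added example, not HolyCloud's code; the function names, the /mnt root and the assumptions listed in its comments are illustrative:

```shell
#!/bin/sh
# Added example, not HolyCloud's code. Finds which file really sets an sshd
# keyword: sshd uses the FIRST value it reads, Include lines expanded in place.
# Assumptions: global section only (the scan stops at a Match line),
# whitespace-separated "Keyword value" lines, Include paths without spaces.

lower() { printf '%s' "$1" | tr 'A-Z' 'a-z'; }

# scan ROOT FILE KEYWORD: print "value<TAB>file" for the first hit, else fail.
# The body is a subshell so recursion cannot clobber the caller's variables.
scan() (
  root=$1 file=$2 kw=$3
  [ -r "$file" ] || return 1
  while read -r key val || [ -n "$key" ]; do
    case $(lower "$key") in
      ''|'#'*) ;;                          # blank line or comment
      match) return 1 ;;                   # conditional blocks are out of scope
      include)
        set -f; set -- $val; set +f        # split the patterns without globbing
        for pat in "$@"; do
          case $pat in /*) ;; *) pat=/etc/ssh/$pat ;; esac
          for f in "$root"$pat; do         # glob inside ROOT, in sorted order
            scan "$root" "$f" "$kw" && return 0
          done
        done ;;
      "$kw") printf '%s\t%s\n' "$val" "${file#"$root"}"; return 0 ;;
    esac
  done < "$file"
  return 1
)

# effective_sshd ROOT KEYWORD
# ROOT is "" on the running system, or the mount point (e.g. /mnt) in rescue.
effective_sshd() {
  scan "${1%/}" "${1%/}/etc/ssh/sshd_config" "$(lower "$2")" || echo unset
}

# Usage from rescue mode, after mounting the system disk:
#   effective_sshd /mnt PasswordAuthentication
#   effective_sshd /mnt PermitRootLogin
```

A result of `unset` means no global line sets the keyword and sshd's built-in default applies. On a booted system, `sshd -T` remains the authoritative view of the running configuration.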

Step 3: rescue mode — mount the system disk

When the panel is not enough or the system no longer boots:

  1. HolyCloud panel → boot on Rescue (Debian/Ubuntu live).
  2. Reboot the VPS, open the console.
  3. Identify the volume (often /dev/sda1 or /dev/vda1):
lsblk -f
fdisk -l

Mount the installed system root:

mount /dev/vda1 /mnt
ls /mnt/etc/os-release

If LVM or separate /boot partition:

vgscan
vgchange -ay
mount /dev/mapper/vg0-root /mnt
mount /dev/vda1 /mnt/boot 2>/dev/null || true

Step 4: chroot and passwd in rescue mode

mount --bind /dev /mnt/dev
mount --bind /proc /mnt/proc
mount --bind /sys /mnt/sys
mount --bind /dev/pts /mnt/dev/pts
chroot /mnt
passwd root
exit

Unmount cleanly:

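umount /mnt/dev/pts
umount /mnt/dev /mnt/proc /mnt/sys
# Only mounted in the separate /boot case; left mounted, it keeps /mnt busy
umount /mnt/boot 2>/dev/null || true
umount /mnt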

Reboot to the normal disk in the HolyCloud panel.

Step 5: reset a non-root user password

In rescue or a normal session:

passwd deploy

Check sudo rights:

groups deploy
grep deploy /etc/sudoers /etc/sudoers.d/* 2>/dev/null

Step 6: after recovery — minimal hardening

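# On your workstation: generate a key pair
# (-N "" leaves the private key without a passphrase; omit it to be prompted for one)
ssh-keygen -t ed25519 -f ~/.ssh/id_ed25519 -N ""
# Deploy the public key on the VPS
# On the VPS: apply pending updates
apt update && apt upgrade -y

Enable a key for your admin and test before disabling password login:

ssh -i ~/.ssh/id_ed25519 deploy@IP_DU_VPS

# Only lock root if a sudo user + SSH key works
passwd -l root 2>/dev/null || true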

Verification

ssh root@IP_DU_VPS 'echo OK && id'
sudo grep '^root:' /etc/shadow | cut -d: -f2
# ! or * means locked account; $y$ or $6$ hash means password set

Console test: root login with the new password from the panel VNC if SSH still fails.

Need help?

  • Panel password applied but SSH refuses: PasswordAuthentication, PermitRootLogin, custom SSH port, UFW — send sshd -T | grep -E 'password|permitroot|port'
  • Rescue: partition not found — capture lsblk -f and the partition layout from the panel
  • HolyCloud support: VPS ID, reset time, method used (panel vs rescue)