Resetting the Password for Logging In to a Linux ECS

Scenarios

Keep your password secure. Reset the password if:

• The password is forgotten.
• The password has expired.

This section describes how to reset the password of user root. After resetting the password, you can log in to the ECS, and change the private key or reset the password of a non-root user.

Prerequisites

• A temporary Linux ECS which locates in the same AZ as the target ECS is available.
• You have bound an EIP to the temporary ECS.

Procedure

1. Download the script for resetting the password and upload the script to the temporary ECS.

   Contact customer service to obtain the password reset script. Use a connection tool, such as WinSCP, to upload the obtained changepasswd.sh script to the temporary ECS.

   To download WinSCP, log in at https://winscp.net/.

2. Stop the original Linux ECS, detach the system disk from it, and attach the system disk to the temporary ECS.
   1. Stop the original ECS, switch to the page providing details about the ECS, and click the Disks tab.
      

      Do not forcibly stop the original ECS. Otherwise, password reset may fail.

   2. Locate the row containing the system disk to be detached and click Detach to detach the system disk from the ECS.
   3. On the page providing details about the temporary ECS, click the Disks tab.
   4. Click Attach Disk. In the displayed dialog box, select the system disk detached in step 2.b and attach it to the temporary ECS.
3. Log in to the temporary ECS remotely and reset the password.
   1. Locate the row containing the temporary ECS and click Remote Login in the Operation column.
   2. Run the following command to view the directory of the system disk detached from the original Linux ECS now attached to the temporary ECS:

      fdisk -l

      Figure 1 Viewing the directory of the system disk
      
   3. Run the following commands in the directory where the changepasswd.sh script is stored to run the script for resetting the password:

      chmod +x changepasswd.sh

      ./changepasswd.sh

      When you run the password reset script, if the system displays a message indicating that there is no command related to logical volume manager (LVM), such as the message "no lvs command", install an LVM tool on the temporary ECS. The LVM2 tool is recommended, which can be installed by running the yum install lvm2 command.

      

      If the original ECS and the temporary ECS both run CentOS 7, a mount failure may occur during script execution. To resolve this issue, replace mount $dev $mountPath with mount -o nouuid $dev $mountPath in the script.

   4. Enter the new password and the directory obtained in step 3.b as prompted.
      If the following information is displayed, the password has been changed:

      set password success.

4. For a non-root user, perform the following operations to enable the login permission of user root:

   vi /etc/ssh/sshd_config

   Modify the following parameters:

   • Change PasswordAuthentication no to PasswordAuthentication yes.

     Alternatively, delete the comment tag (#) before PasswordAuthentication yes.

   • Change PermitRootLogin no to PermitRootLogin yes.

     Alternatively, delete the comment tag (#) before PermitRootLogin yes.

   • Change the value of AllowUsers to root.

     Search for AllowUsers in the file. If AllowUsers is unavailable, add it at the end of the file.

5. Stop the temporary ECS, detach the system disk, attach the system disk to the original Linux ECS, and restart the original Linux ECS.
   1. Stop the temporary ECS, switch to the page providing details about the ECS, and click the Disks tab.
   2. Click Detach to detach the data disk attached in step 2.
   3. On the page providing details about the original Linux ECS, click the Disks tab.
   4. Click Attach Disk. In the displayed dialog box, select the data disk detached in 5.b.
   5. Restart the original Linux ECS.