GRUB Root Password – NSX Installation

Since the release of NSX-T 3.2, I have had questions about an option in the installation wizard of the NSX Manager OVA appliance regarding the GRUB root password, and in this post, I want to address it. If you wanted to recover a lost or forgotten password for the root account of the NSX Manager appliance, you had to reboot the appliance and force the boot process to enter the GRUB menu.

But to be able to do that, when everything was under control and you had the root’s password, you needed to log in to NSX managers with root and configure the GRUB Hidden Timeout. There was also a default password configured which we could use or change together with the hidden timeout configuration.

If you are using NSX-T 3.1 and prior releases, you can find the detailed configuration here.

The challenge before NSX-T 3.2 could be not configuring the above parameter before the point that you wanted to reset the password. As it is explained clearly by VMware in the documentation, “If the configuration is not performed after deploying the appliance and you forget the root password, resetting it is not possible”. And this could cause a disaster!

So with this new option on the installation wizard, you don’t need to worry that you might forget to set the timeout parameter before the disaster or change the default password. All you need to do is to configure a password for the GRUB root user and set a timeout configuration during the installation.

In case, you want to reset the root password on the NSX Manager appliance, all you need to do is to reset the appliance. Then right after the reboot during the timeout period, press ESC or Shift button to enter the GRUB menu.

On the GRUB menu enter “e” and log in with root and the configured password for the GRUB root during the installation. Then enter “e” again to edit the selected option. Then look for the line that starts with linux and add the following statement to the end of that line.

systemd.wants=PasswordRecovery.service

Finally, press Ctrl+x to boot and enter the new password for the root account when prompted. You need to confirm the password once more, and then the boot process will continue.

Leave a Reply

Your email address will not be published. Required fields are marked *