If you should find that you have a FreeNAS system for which you have forgotten the root
password, here’s an easy way to recover your system.
First, you’ll need to get shell access. If you’ve left the console menu enabled, then resetting the root
password is as easy as 1, 2, 3. However if you have disabled the console menu for security reasons, keep reading for the prescribed recipe.
If you are lucky enough to have a user on the system that has sudo privileges, the first step is to log in as that user. If you do not have such a user, the first step is instead to boot into single-user mode.
TIP: Since FreeNAS has a 1-second timeout on the boot menu, you’ll have to repeatedly tap the space bar when you see it starting to load the kernel; with perseverance you will be able to abort the 1-second timeout to interact with the boot menu wherein single-user mode can be enabled.
Once you’re on the shell (either as root
in single-user mode or as a secondary user with sudo access), the first task at-hand is to make the root filesystem read/write by executing:
mount -a
# Only required if running single-user
mount -uw /
Once this is completed, we can then perform the first of a two-step process to set a new password for the root
account (restoring access to both SSH and the WebUI). Execute:
passwd root
This is only the first step on a FreeNAS system. The work done by the above command will be undone by the /etc/ix.rc.d/ix-passwd
boot script every time the machine boots. We need to take the temporary work performed by the above command and make it permanent by copying the information into the FreeNAS SQLite accounting database.
This can be performed by executing:
sqlite3 /data/freenas-v1.db \
"UPDATE account_bsdusers SET bsdusr_unixhash=\"$( \
awk -F: '$1=="root"{print $2;exit}' /etc/master.passwd \
)\" WHERE bsdusr_username=\"root\""
If you are running as a user with sudo privilege (instead of running as root
in single-user mode), here is a sudo endowed version of the above command:
sudo sqlite3 /data/freenas-v1.db \
"UPDATE account_bsdusers SET bsdusr_unixhash=\"$( \
sudo awk -F: '$1=="root"{print $2;exit}' /etc/master.passwd \
)\" WHERE bsdusr_username=\"root\""
To check your work, here’s a command to extract the hash from the SQLite database:
sqlite3 /data/freenas-v1.db "SELECT bsdusr_unixhash \
FROM account_bsdusers WHERE bsdusr_username=\"root\""
At this point, if you are running in single-user mode, type…
exit
…to continue booting. If instead you used a sudo capable user to make the change, there is no need to reboot as the system accounting table in the FreeNAS SQLite database is in-sync with the FreeBSD system accounting files (/etc/master.passwd
; /etc/spwd.db
; etc.).
You should now be able to log into the FreeNAS WebUI with the updated password. Cheers!