Linux

Linux: Change User Password

On Linux, a user account is often simply called a "user".

In this tutorial we'll explore how to change:

  • The password of the current user (the user we're currently logged in as).
  • The passwords of other users.
  • The password of the root user (the administrative user on Linux systems).

How to Change the Password of the Current User

Any time we log in to a Linux machine we'll see a prompt like this:

The prompt above tells us that we're currently logged in as a user called alex. And the machine has a hostname that is set to kodekloud.

So... how do we change the password of our current user called alex? Easily enough, with the passwd command:

passwd

It will first ask us to enter the current password for this user.

💡
Note: As we type these passwords nothing will be displayed on the screen. It's a mild security measure so that nobody currently looking at our monitor can see the password we just typed.

After we type the current password (and press Enter) we get a prompt to choose the new password:

And after we pick the new password we'll be asked to enter the new password a second time.

This is to ensure that we didn't make any mistakes.

After we type the new password for the second time we should see this:

Which informs us that the new password was set for this user. And that's all there is to it.

Now, how do we change the passwords of other users?

How to Change the Password of Any Linux User

The first thing to note is that a regular user is not allowed to change the passwords of other users. Which makes sense, right? We wouldn't want John being able to disruptively change Jane's password. That would be a security oversight, if it would be allowed.

So to change the passwords of other users we need administrative privileges. And there are two ways we can get them:

  • Either we temporarily log in as the "root" user, and then change the passwords of other users. For example, if we log in as root, we can then change the password of a user called john with the command passwd john.
  • The second way is to precede our passwd command with sudo. That will temporarily run the passwd command with administrative privileges (it will run passwd as the root user). And that will give us permission to change the password of any user on a Linux system.

Here are both examples:

Log In as root to Change Another User's Password

Of course, this requires that we either:

  1. Know the password of the root user, so that we can log in as root.
  2. Or have another way of logging in as root. For example, if we have SSH key logins set up on this machine, we can use a private key to log in as root.

If we know the password for the root user, we can log in as root with the su command. Simply type:

su --login

A prompt like root@kodekloud signals that we're now logged in as the root user.

If we have SSH keys set up on this machine, we can (remotely) log in, directly as root, with a command like this:

ssh [email protected]

Where we'd replace 10.11.12.14 with the actual IP of our server / Linux machine.

💡
Note: If your server is in the cloud and you forgot your root password, Google the name of the service that hosts your cloud instance and add "reset root password" to that search. You should find instructions on their own website on how to do this.

Once we're logged in as root, we have full administrative powers. And we can change the password of any Linux user with a command like this:

passwd john

Note the difference this time. It doesn't ask us what the current password for this user is. It jumps directly to choosing the new password. That's because the extra security check is not necessary now (checking if we know the correct password for this user). We're already logged in as root, so the system assumes we should have the power to change any password, for anyone, even if we do not know that user's current password.

Second of all, it makes sense. Although we are the "super user" called root, we might not know the current password for another user (and we should not know it anyway). But we should have the right to change it.

So we just type the new password, then type the new password again, and that's it. Job done, password was changed.

Use sudo to Change the Password of Another Linux User

Now let's say we're logged in as a regular user called alex.

If this user has "sudo privileges" – that is, the ability to use sudo to temporarily get administrative privileges – then we can just add sudo in front of the passwd command to change any user's password.

For example, to change the password of a user called john, we can run this command:

sudo passwd john

Now note a subtle difference. Since if we're Linux beginners it might be confusing when we get asked so many questions about so many passwords.

This time, the first password it will ask us for is our own password, for our current user. It won't ask for John`s password, but rather the password for our own user, called alex. The user we're currently logged in as.

This is a security check to make sure that the intended (human) user is running sudo here. Since only the real person that owns the user called alex should know this password.

So after we type our own password, for our own account, we get to step 2.

When we see New password at the prompt we can pick the password for the other user (called john in this case).

Once again, we'll need to type this new password two times, to ensure there are no mistakes. And we'll see that the password was updated successfully.

Now let's bring the "big guns". How do we change the password for the most powerful user, root?

How to Change the Password for the root User

First, we'll need to log in as root. How we do that depends on how our Linux operating system is set up.

There are three common ways to log in as root:

  1. Using the private SSH key we have on our computer. Which allows us to log in as root, to a remote machine, with a command like ssh [email protected]. Where we'd replace 10.11.12.14 with the actual IP of our Linux machine. If we're using cloud computers on AWS, Google Cloud, Microsoft Azure, or similar, they usually have a page with instructions on how to set this up.
  2. If we know the password for the root user, we can use the su --login command to temporarily log in as root.
  3. If our user has sudo privileges, we can use the sudo --login command to temporarily log in as root.

Here are some examples.

If we know the current password for the root user, we can type this command to log in as root:

su --login

Note that when using su, we will have to type the password of the ROOT user here.

If our current user has sudo privileges, we can type this command to temporarily log in as root:

sudo --login

In this case, we will have to type the password of our CURRENT user here (alex, in this case).

In other words:

  • su will ask for root's password.
  • sudo will ask for our current user's password.

Now that we're logged in as root, we can change the password for the root user with a simple passwd command:

passwd

Weirdly enough, it won't ask us for the current password for root. It will jump directly to setting up the new password for root. So we type the new password for root, twice, and that's it, job done.

Conclusion

It doesn't matter if you're using Ubuntu, CentOS, Red Hat, Debian. These instructions should work the same way on (almost) any Linux-based operating system.

And just in case you're on a journey to learn more about Linux, we have this course:

Linux Foundation Certified System Administrator (LFCS) | KodeKloud
Prepare for the Linux Foundation Certified System Administrator (LFCS) Exam
KodeKloud logo

It's aimed at beginners. And it helps you learn all the Linux essentials in a relatively short amount of time. Plus, we have Linux environments (inside what we call Labs) where you can actually practice the things you learned, the commands, directly in your web browser. You don't even need virtual machines.

Thank you for reading, and see you in the next blog!

Alexandru Andrei

7 min read