ROOT PASSWORD CHANGE GUIDE (Linux Distributions)

  • 10/12/2025
  • 3 minute read

Managing root-level credentials is a critical part of Linux server security. Whether you are onboarding new administrators, rotating privileged credentials, or implementing security policies, updating the root password must be performed carefully using proper system tools and authentication controls.

This guide explains how to safely change the root password on the most common Linux distributions, including:

  • RHEL 8 / 9
  • AlmaLinux 8 / 9
  • Rocky Linux 8 / 9
  • Ubuntu 20.04 / 22.04 / 24.04
  • Debian 11 / 12
Info: Always use strong and unique passwords for the root account. Combine uppercase, lowercase, numbers, and symbols to meet security policy requirements.
Warning: Changing the root password while connected over SSH may terminate your active session, depending on your server’s authentication settings.

Method 1 – Change the Root Password on RHEL / AlmaLinux / Rocky Linux

This method applies to all RHEL-based systems, including AlmaLinux and Rocky Linux.

Step 1 — Log in as root or use sudo

sudo -i

This command elevates your session to root privileges using sudo.

Step 2 — Change the root password

passwd

The system will prompt you to type the new root password twice.

Changing password for user root.
New password:
Retype new password:

Step 3 — Confirm the password change

passwd -S root

This outputs the current password status of the root account.

Info: RHEL-based systems may enforce password complexity rules. If your new password is rejected, adjust it to meet policy requirements.

Method 2 – Change the Root Password on Debian / Ubuntu

Debian and Ubuntu behave slightly differently, especially because Ubuntu keeps the root account locked by default.

Step 1 — Switch to root using sudo

sudo -i

This grants administrative privileges necessary to modify account passwords.

Step 2 — Change the root password

passwd root

Provide the new root password twice when prompted.

Enter new UNIX password:
Retype new UNIX password:

If the root account is locked (Ubuntu default)

Enable the root account by assigning it a password:

sudo passwd root

To disable the root account again later:

sudo passwd -l root
Warning: Enabling root on Ubuntu increases security exposure. Use it only when operationally necessary and disable it afterward.

Best Practices After Changing the Root Password

  • Update your team’s password vault or secret management system (Bitwarden, Keeper, Vault, etc.)
  • Disable direct root login over SSH by setting PermitRootLogin no
  • Use sudo for daily administration instead of root
  • Rotate privileged passwords regularly to comply with security policies
  • Restrict SSH access by IP and enable MFA whenever possible

Conclusion

Updating the root password is a simple but essential part of maintaining a secure Linux environment. Whether you manage RHEL-based servers such as AlmaLinux and Rocky Linux or Debian-based systems like Ubuntu and Debian, the passwd command remains the most reliable method for modifying privileged credentials.

By following the steps in this guide and applying the recommended security best practices, your Linux server will remain compliant, secure, and ready for production workloads.


You May Also Like
LLinux
Proxmox commands cheat sheet terminal output
Read More
  • 2 minute read

Proxmox Commands – cheat sheet

  • 20/11/2025
Managing Proxmox Virtual Environment (PVE) through the command line can significantly speed up administration tasks, especially when working…
LLinux
secure ssh configuration changing default ssh port for linux and windows servers
Read More
  • 3 minute read

How to Change the SSH Port

  • 11/11/2025
Why Change the Default SSH Port? Changing the default SSH port is a common security practice that helps…