VMware Cloud Community
joeseppi
Enthusiast
Enthusiast

Recover forgotten password ESXI 5.1. Options?

Will be moving VM's from ESXi 5.1 to 6.5.   Already moved, via scp, several "legacy" VM's that are normally powered off.  The worked well, in limited testing.  But are now powered down.

Meanwhile, back a the ranch, someone, who shall remain unnamed, decided to change the root password on the 5.1 host, as a "precaution", late one evening.  And now, this same anonymous someone, cannot seem to recall and did not record, this feat of genius.

I did find some blurbs on how to do this by creating an alternate "host profile" (a non sanctioned method), but I do not find that option in the single server licensed version in use.

There are some references to installing ESXi 5.1 on a "USB STICK" and booting that, or, "re-installing" 5.1.   Presumably, once installed on on and booted from USB, one should be able to mount/see the vmfs/datastore and the world will be safe for democracy once again.

But it is not clear to me how to create this bootable ESXi5.1 USB stick.  Neither is it clear that I can "Reinstall" 5.1 on the existing drive and retain the datastore unscathed.

Pointers?  Solutions?

I'm assuming, of course that vmfs being a proprietary file system, it will not be visible to current Linux versions?

 

Reply
0 Kudos
13 Replies
pcgeek2009
Hot Shot
Hot Shot

So, you can do a reinstall and not impact the VM's as long as they reside on a separate disk\datastore. I have attempted some non-sanctioned methods in the past to recover a system, but ended up bricking the host and needing to reinstall anyway. You can use the Rufus tool in combination with the install ISO to make a bootable to reinstall ESXi onto the host. 

https://rufus.ie/en/

To install on and boot from a USB, you would need to attach the USB drive, boot to the ISO, then select the USB as the installation destination. Once installed, you would need to change the setup of the host to boot to the USB drive. However, if the host has some age on it, it may not have that functionality. 

Reply
0 Kudos
glenatwork
Contributor
Contributor

.

Reply
0 Kudos
ThompsG
Virtuoso
Virtuoso

Hi @joeseppi,

 

First all the warnings out of the way:

  • This is not supported by VMware in anyway. As you have listed the only official stance is to rebuild.
  • Ensure you have no data to lose - VMs are not running on this host or you have recoverable (and tested) backups.

 

If you are still brave enough at this point, then this blog will take you through a method of removing the current root password and allowing you to set it to a known value: https://www.unixarena.com/2014/05/recover-vmware-esxi-root-password.html/

 

Again, no warranties either implied or expressed will be honored. Apart from the fact your version of ESXi is currently outside support, this will take you way outside support. Many have done this and experienced no ill effects however your mileage may vary 🙂

 

Kind regards.

Reply
0 Kudos
joeseppi
Enthusiast
Enthusiast

I see only windows versions of RUFUS.   I pause wondering when it will determine required drivers on the target host? 

Or are you suggesting how to first make a boot-able installer USB, from which to install?

 

Reply
0 Kudos
joeseppi
Enthusiast
Enthusiast

I've done similar on "Pure Linux" systems with Knoppix DVD's.  

I do NOT have any current "off disk" backups of the VM's I want to copy.    But, if I am careful/lucky (right) it looks like I should not be in serious danger of clobbering the datastore.   Or am I being naive?  Again?

It is specific in referring to ESXi 5.5.   Is it known to work for 5.1?


Since it appears possible to gain access to various devices, is would seem hypothetically possible to be able to copy files in the datastore(s).   Are these not visible except under VMware?

Reply
0 Kudos
ThompsG
Virtuoso
Virtuoso

Rest assured I have tested this against ESXi 5.1 build 2323236 using the latest Ubuntu desktop ISO. Worked happily however I would again point out, the risk is yours to carry. 

 

If it was me, I would get a backup of your machines before you proceed. This could be something as simple as Windows Backup if running Microsoft OS in the guests or another such tool for other operating systems or even a tool that takes a full disk image.

 

There are utilities to 'read' VMFS but this is probably not a path you would want to follow if I can be honest. The best bet is to have a good backup so you don't need to travel this path.

 

As you mention, theoretically if you are careful there should not be an issue. I would just protect myself in case Mr Stuff Up comes to visit 🙂

Reply
0 Kudos
joeseppi
Enthusiast
Enthusiast

Thanks.   I was really hoping to copy the VM files and register them on the new platform.   No Windows guests on that host.

SCP seems to be the only way in this environment to get that done.  Of course the root password is needed to do that. 

Unfortunately, the datastore is made up of several HD's in a "blob of disks" arrangement so making a clone of each is problematic, I think.  Right now, can't think of another way to copy the images.

Did manage to install 6.5 on a USB stick and will try booting the old host on that to see if it will recognize that datastore and have network functionality.   For some reason the 5.1 installer DVD I have seems wacked as it will declare no network device found and lock up or simply lock up with a dark screen, depending on the machine I try it on.

 

Reply
0 Kudos
ThompsG
Virtuoso
Virtuoso

That should work as long as the host can boot from USB. Once started, ESXi 6.5 will have no issues reading the VMFS datastore (assuming no current issues with it) and is perfectly legit to do this.

 

Let us know how you get on!

Reply
0 Kudos
pcgeek2009
Hot Shot
Hot Shot

The nice thing if it boots on the 6.5 USB, you can then just migrate the VM’s to the new 6.5 host. 

If you try the password reset, I would definitely take the advice of backing it up. As I mentioned, I have twice bricked a host trying it. However, in both cases, these were blades that boot over SAN so it may have had some impact. 

Reply
0 Kudos
joeseppi
Enthusiast
Enthusiast

I should have asked before.  Is there any way to change the password via VSphere Client?

VSphere client is still running on my PC.  It was running when I changed the password at the physical host and left it logged in overnight.

The single server version is hobbled in many ways and perhaps it cannot be done?

Reply
0 Kudos
joeseppi
Enthusiast
Enthusiast

AND . . .  In fact one can change the root password via VSphere.  Once one looks and tries.    All that is required is . . . brains.  I will refrain from any further comment along those lines for fear of banishment.

I can SSH into the source host now and can go from there.

Thanks for all the suggestions.

pcgeek2009
Hot Shot
Hot Shot

Sometimes details in the question do matter. There are those who run ESXi standalone without vCenter. Typically, if the password was changed and not changed in vCenter, it would have resulted in a disconnected host. In which case, you could not have changes the password via vCenter. 

Reply
0 Kudos
ThompsG
Virtuoso
Virtuoso

Sorry to be doing this but a slight correction. With a vCenter joined host, while you can use the root account to add the host to vCenter there is a vpxuser which is created locally that is used by vCenter to manage the host. You can change the root password as much as you like at this point and the host stays connected to vCenter 🙂

 

Kind regards.

Reply
0 Kudos