Can't sudo because password is disabled


So, in my attempt to prevent the default ubuntu user from logging in, and to prevent the default sudo user me from logging in with a password, and thus enforcing to use the private key, I managed to lock me out, unable to perform any sudo commands.

Here's what happened.

I ran these commands to prevent ubuntu from logging in, and to lock me's password.

sudo usermod -s /usr/sbin/nologin ubuntu
sudo passwd -l me

However, I forgot to add me ALL=(ALL) NOPASSWD:ALL to the /etc/sudoers.d/me beforehand. And now, even though I can still login as me with the private key, I can't execute any sudo, because it prompts for a password, and the previous password no longer works. I can't login as ubuntu, the other sudoer, and so I am basically stuck.

Executing passwd as me prompts for the current password, which does not exist.

How do I get myself out of this situation? Do I have terminate this box and reinstall? This is not happening on my personal box. This is running on AWS. It's not quite a big of an issue to spin new instances, but I'd like to see if there's an alternative.


Posted 2015-02-25T22:30:44.150

Reputation: 113



Unfortunately, there is no other way to change your own password without having the current password in the first place. This would have to be done with elevated permissions. But since you don't have them anymore, or cannot get these through sudo, a last resort would be to boot into recovery mode and login as the root user. Although I don't think that would be possible for an AWS machine. Same goes for manually writing the sudo configs on the drive, as you don't have the phyisical machine.

Good luck!


Posted 2015-02-25T22:30:44.150

Reputation: 502