If you’ve lost the private key of an SSH key pair used to log into Fedora CoreOS, and do not have any password logins set up to use at the console, you can gain access back to the machine by booting into single user mode with the
single kernel command-line argument:
When booting the system, intercept the GRUB menu and edit the entry to append
singleto the kernel argument list, then press Ctrl-X to resume booting.
Wait for the system to boot into a shell prompt
Set or reset the password for the target user using the
Finally, reboot the system with
You should now be able to log back into the system at the console. From there, you can e.g. fetch a new public SSH key to add to
~/.ssh/authorized_keys and delete the old one. You may also want to lock the password you’ve set (using
passwd -l). Note that Fedora CoreOS by default does not allow SSH login via password authentication.
Want to help? Learn how to contribute to Fedora Docs ›