Root password

The root password is managed by the FSF: the FSF sysadmins have access to it and it's stored encrypted somewhere.

If the VM doesn't show up on the network, they still need to be able to bring it back up by logging in and configuring the network manually.

In any case, if the VM doesn't boot or doesn't show up on the network they are able to get access to it without password by booting it with the following command line:


However using chroot (which also works when the VM is booted) from the host doesn't work here: if a VM is compromised somehow, chrooting into it could also compromise the host: when chrooting as root, the code and commands from within the VM are executed as root.

SSH Root access

The FSF sysadmins also have root access to the VM as they might need to access the VM through the network for various reasons like to shut it down cleanly in case of serious issues (security risk to the network), do emergency fixes inside it, test if SSH works, and so on.

When adding people to the authorized_keys: