cPanel Forums
07-08-2009, 10:34 AM
|
||||
|
||||
Old account passwords STILL WORK!
I have a client which is getting very frustrated, as his old passwords still work (as well as new).
I have spoken to the company responsible for my server license and ended up changing password from command line and that seemed to wipe out old passwords, but now hes changed the password to his own one the problem remains and all his old passwords still work. This is a urgent security issue for the client as he gave access to someone to do something and is now unable to revoke it. Any ideas as to why and how the hell this is happening?
__________________
    
|
|
07-08-2009, 11:54 AM
|
||||
|
||||
|
Quote:
__________________
Want our technical analysts to login to your server to assist you? You can contact our technical analysts at: http://tickets.cPanel.net/submit
|
|
07-08-2009, 12:00 PM
|
||||
|
||||
|
Quote:
He has changed password using WHMCS (which obv does changes via API module). I have personally change his password via WHM using both the sub form on the list accounts and the dedicated account password change page. They would enable the new passwords to work but the old passwords still work (currently he can use 3 passwords to login). I spoke with support for where i get my server/cpanel from their solution was to change password from command line using /scripts/chpass they did this and i did this and it appeared to stop the old passwords working. The client then changed the random gen password which i changed it to to his own... but apparently now the 3 passwords still work and allow login to the account.
__________________
|
|
07-08-2009, 12:23 PM
|
||||
|
||||
|
Quote:
Things to check for: 1. Is the customer closing their web browser after logging out? If you are using the default HTTP authentication, the user is logged in until they close their web browser. 2. When logging in as the customer with their password, do you ever see a message at the top indicating they're logged in as a reseller? If the user is closing their browser and they aren't logging in with their username and a reseller's password (which can happen if a reseller has a weak or commonly used password), please submit a support ticket so we can see his happening on your server and determine the cause of this issue: http://tickets.cPanel.net/submit
__________________
Want our technical analysts to login to your server to assist you? You can contact our technical analysts at: http://tickets.cPanel.net/submit
|
|
07-08-2009, 12:39 PM
|
||||
|
||||
|
Quote:
I have just logged in and out (and closed the browser between each try) with 3 different passwords on the account. No override notices shown so im fully confident this isn't a user side issue. Is it even possible for one account to have many same level (eg, not override by reseller/root) passwords? EDIT: Just submitted a ticket, Request id is: 454218
__________________
Last edited by dansgalaxy; 07-08-2009 at 12:46 PM.
|
|
07-08-2009, 01:47 PM
|
|||
|
|||
|
Hint: If you are using raid and one or more hdd's crashed -> system will turn them as read-only (happens on vps'es mostly from what i seen in the past).
|
|
07-08-2009, 01:53 PM
|
||||
|
||||
|
Quote:
__________________
|
|
07-08-2009, 09:09 PM
|
||||
|
||||
MySQL, Mail, and FTP would be one thing but am I correct in assuming
you are talking about Cpanel / WHM / SSH passwords? For the later, the passwords are related to the server so it doesn't make any sense that a changed password would still work unless an open session were carried forward perhaps (See files in /tmp) or a new account were created but then that would have a new login. Does the user have duplicate entries in /etc/passwd?  (/etc/shadow .... same question) Interserved may have made that side RAID comment thinking that perhaps your user account files weren't getting updated but if that were the case then the new passwords would not work and logins would only work with the original unchanged passwords. I don't know, it is is as you say, there is something definitely really screwy going on with your server that does not make any logically sense without seeing things and digging into it first hand.
__________________
My Server Expert: Server support, security, and management!
|
|
07-09-2009, 06:25 AM
|
||||
|
||||
|
Right ok...
Was on support ticket all yesterday with cPanel... think got it fixed. It appears that some how the password algo for the server was changed from Md5 to DES so some passwords saved as md5 (presumably those which havent been changed in a while/since algo change) So I was instructed to change algo via command line and re-changed the users password so saved as md5. It appears the problem was because DES only allows a set number of characters and anything extra is ignored so when my client changed his password to something he was just changing the last few chars meaning the first x letters were the same. Now been corrected so hopefully wont have the issue again, was certainly a mind boggler. lol
__________________
|
 |
| Thread Tools | |
| Display Modes | |
Linear Mode
|
|
Similar Threads
|
||||
| Thread | Thread Starter | Forum | Replies | Last Post |
| All accounts suddenly jailshells and passwords dont work?? | wzd | cPanel and WHM Discussions | 4 | 12-21-2007 01:29 PM |
| !!No Passwords Work for cPanel and WHM!! | Steven_K | cPanel and WHM Discussions | 10 | 05-17-2005 12:21 PM |
| Cpanel passwords dont work | aykfounder | cPanel and WHM Discussions | 5 | 03-07-2005 08:16 PM |
| after update unroutable domains and no passwords work? | rockster | cPanel and WHM Discussions | 0 | 10-15-2003 11:50 AM |
| how to get account passwords ? | Radio_Head | cPanel and WHM Discussions | 7 | 07-31-2002 08:48 AM |
All times are GMT -5. The time now is 12:17 AM.
Powered by vBulletin® Version 3.8.2
Copyright ©2000 - 2009, Jelsoft Enterprises Ltd.
Copyright ©2000 - 2009, Jelsoft Enterprises Ltd.
© cPanel Inc
