Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

SOLVED Disable Two Factor Authentication with SSH from rescue system

Discussion in 'Security' started by Mario Kos, Jul 12, 2017.

Tags:
  1. Mario Kos

    Mario Kos Member

    Joined:
    Sep 4, 2015
    Messages:
    6
    Likes Received:
    2
    Trophy Points:
    3
    Location:
    Croatia
    cPanel Access Level:
    Root Administrator
    Need instructions how to disable 2FA via SSH from linux rescue system.
     
    #1 Mario Kos, Jul 12, 2017
  2. Mario Kos

    Mario Kos Member

    Joined:
    Sep 4, 2015
    Messages:
    6
    Likes Received:
    2
    Trophy Points:
    3
    Location:
    Croatia
    cPanel Access Level:
    Root Administrator
    Got stuck after trying:
    Code:
    mv -v /var/cpanel/authn/twofactor_auth/tfa_userdata.json{,.bak}; echo ‘{}’ >> /var/cpanel/authn/twofactor_auth/tfa_userdata.json
    Now have a problem:
    Internal Server Error
    500
    Security Policy requires exec termination.
     
    #2 Mario Kos, Jul 12, 2017
  3. Infopro

    Infopro cPanel Sr. Product Evangelist
    Staff Member

    Joined:
    May 20, 2003
    Messages:
    16,255
    Likes Received:
    385
    Trophy Points:
    583
    Location:
    Pennsylvania
    cPanel Access Level:
    Root Administrator
    Twitter:
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
    #3 Infopro, Jul 12, 2017
  4. Mario Kos

    Mario Kos Member

    Joined:
    Sep 4, 2015
    Messages:
    6
    Likes Received:
    2
    Trophy Points:
    3
    Location:
    Croatia
    cPanel Access Level:
    Root Administrator
    I know about api but can api be called if rescue system is booted?
     
    #4 Mario Kos, Jul 12, 2017
  5. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    43,943
    Likes Received:
    1,821
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Hello,

    Two-factor authentication should not prevent you from accessing the server via SSH as root. Once the server is booted out of rescue mode, you'd simply access the server via SSH as root and run those WHM API 1 commands.

    Thank you.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
    #5 cPanelMichael, Jul 12, 2017
  6. Mario Kos

    Mario Kos Member

    Joined:
    Sep 4, 2015
    Messages:
    6
    Likes Received:
    2
    Trophy Points:
    3
    Location:
    Croatia
    cPanel Access Level:
    Root Administrator
    Firewall is preventing me from accesing, is it possible to disable 2FA from rescue mode?
     
    #6 Mario Kos, Jul 12, 2017
  7. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    43,943
    Likes Received:
    1,821
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Hello,

    It's unlikely that command will work while the server is booted in rescue mode, but it depends on the OS and the specific boot options you used. You may want to check with your hosting provider to see if they provide an option to disable the firewall rules so you can access the server via SSH.

    Thank you.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
    #7 cPanelMichael, Jul 12, 2017
  8. Mario Kos

    Mario Kos Member

    Joined:
    Sep 4, 2015
    Messages:
    6
    Likes Received:
    2
    Trophy Points:
    3
    Location:
    Croatia
    cPanel Access Level:
    Root Administrator
    Think local whm or csf is blocking ssh access, can you maybe instruct how to dissable csf from rescue mode?
     
    #8 Mario Kos, Jul 12, 2017
  9. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    43,943
    Likes Received:
    1,821
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    You may find this third-party URL helpful:

    How to edit /etc/sysconfig/iptables from: RESCUE MODE boot?

    However, running an incorrect command could lead to data loss so it's generally advised to consult with a qualified system administrator or your hosting provider if you are not comfortable in rescue mode.

    Thank you.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
    #9 cPanelMichael, Jul 12, 2017
  10. Mario Kos

    Mario Kos Member

    Joined:
    Sep 4, 2015
    Messages:
    6
    Likes Received:
    2
    Trophy Points:
    3
    Location:
    Croatia
    cPanel Access Level:
    Root Administrator
    Solved by disabling CSF adding file csf.disable to csf folder.
    Code:
    touch /etc/csf/csf.disable
    After reboot managed to SSH login and disable 2FA with whmapi1
    Code:
    whmapi1 twofactorauth_disable_policy
     
    #10 Mario Kos, Jul 12, 2017
    cPanelMichael and Infopro like this.
(You must log in or sign up to post here.)
Loading...
Similar Threads - Disable Factor Authentication
  1. Mazaher

    Disable two factor authentication?

    Mazaher, Mar 3, 2018, in forum: General Discussion
    Replies:
    1
    Views:
    191
    Infopro
    Mar 5, 2018
  2. Ayman Fadl

    Two-Factor Authentication with ssh disabled

    Ayman Fadl, Feb 25, 2018, in forum: Security
    Replies:
    2
    Views:
    198
    cPanelMichael
    Feb 26, 2018
  3. OooLong

    How do I disable apache error.log globally?

    OooLong, Jul 18, 2018 at 6:28 PM, in forum: EasyApache
    Replies:
    2
    Views:
    40
    cPanelMichael
    Jul 19, 2018 at 1:12 PM
  4. Batsi Mugenge

    Can't Disable Wordpress Plugin Issue

    Batsi Mugenge, Jul 17, 2018 at 11:50 PM, in forum: Security
    Replies:
    3
    Views:
    33
    fuzzylogic
    Jul 18, 2018 at 5:51 AM
  5. webdsn

    Settings for SpamBox enable or disable?

    webdsn, Jul 12, 2018, in forum: E-mail Discussion
    Replies:
    2
    Views:
    74
    cPanelLauren
    Jul 12, 2018

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...
    Dismiss Notice