SOLVED Disable Two Factor Authentication with SSH from rescue system

Mario Kos · Jul 12, 2017

Need instructions how to disable 2FA via SSH from linux rescue system.

Mario Kos · Jul 12, 2017

Got stuck after trying:

Code:

mv -v /var/cpanel/authn/twofactor_auth/tfa_userdata.json{,.bak}; echo ‘{}’ >> /var/cpanel/authn/twofactor_auth/tfa_userdata.json

Now have a problem:
Internal Server Error
500
Security Policy requires exec termination.

Infopro · Jul 12, 2017

This thread should be helpful for your original issue:
Two-Factor Authentication

Mario Kos · Jul 12, 2017

Infopro said:
This thread should be helpful for your original issue:
Two-Factor Authentication

I know about api but can api be called if rescue system is booted?

cPanelMichael · Jul 12, 2017

Mario Kos said:
I know about api but can api be called if rescue system is booted?

Hello,

Two-factor authentication should not prevent you from accessing the server via SSH as root. Once the server is booted out of rescue mode, you'd simply access the server via SSH as root and run those WHM API 1 commands.

Thank you.

Mario Kos · Jul 12, 2017

Firewall is preventing me from accesing, is it possible to disable 2FA from rescue mode?

cPanelMichael · Jul 12, 2017

Hello,

It's unlikely that command will work while the server is booted in rescue mode, but it depends on the OS and the specific boot options you used. You may want to check with your hosting provider to see if they provide an option to disable the firewall rules so you can access the server via SSH.

Thank you.

Mario Kos · Jul 12, 2017

Think local whm or csf is blocking ssh access, can you maybe instruct how to dissable csf from rescue mode?

cPanelMichael · Jul 12, 2017

Mario Kos said:
New Think local whm or csf is blocking ssh access, can you maybe instruct how to dissable csf from rescue mode?

You may find this third-party URL helpful:

How to edit /etc/sysconfig/iptables from: RESCUE MODE boot?

However, running an incorrect command could lead to data loss so it's generally advised to consult with a qualified system administrator or your hosting provider if you are not comfortable in rescue mode.

Thank you.

Mario Kos · Jul 12, 2017

Solved by disabling CSF adding file csf.disable to csf folder.

Code:

touch /etc/csf/csf.disable

After reboot managed to SSH login and disable 2FA with whmapi1

Code:

whmapi1 twofactorauth_disable_policy

Thread starter	Similar threads	Forum	Replies	Date
S	Disable Portmapper 111 BSI	Security	2	Jan 8, 2020
A	Disable user login with passwords - SSO only?	Security	3	Dec 30, 2019
T	Disable Two Factor Authentication	Security	3	May 12, 2019
A	Two-Factor Authentication with ssh disabled	Security	2	Feb 25, 2018
I	Disable Two Factor Authentication through Command Line	Security	5	Feb 18, 2016

Search

Search

SOLVED Disable Two Factor Authentication with SSH from rescue system

Mario Kos

Member

Mario Kos

Member

Infopro

Well-Known Member

Mario Kos

Member

cPanelMichael

Administrator

Mario Kos

Member

cPanelMichael

Administrator

Mario Kos

Member

cPanelMichael

Administrator

Mario Kos

Member