Home
Help
Search
Login
Register
OPNsense Forum
»
Archive
»
18.7 Legacy Series
»
18.7: password not acepted any more after update
« previous
next »
Print
Pages: [
1
]
2
3
Author
Topic: 18.7: password not acepted any more after update (Read 26072 times)
Tubs
Jr. Member
Posts: 97
Karma: 3
18.7: password not acepted any more after update
«
on:
July 31, 2018, 10:05:20 pm »
I just updated to 18.7. But now I cannot login any more with root and my local password. It is getting rejected with "wrong password".
Network connection to internet is working. Servers on VLAN connection via HAproxy I also cannot reach.
Logged
franco
Administrator
Hero Member
Posts: 17473
Karma: 1587
Re: 18.7: password not acepted any more after update
«
Reply #1 on:
July 31, 2018, 10:16:08 pm »
Sounds like...
o The authentication fallback for the GUI/system has been removed in favour of selecting multiple authentication servers at once. Reassign your fallback as a primary authentication method or now use more than two methods.
Do you have console / ssh access?
Cheers,
Franco
Logged
Tubs
Jr. Member
Posts: 97
Karma: 3
Re: 18.7: password not acepted any more after update
«
Reply #2 on:
July 31, 2018, 10:50:48 pm »
LADP connection also is used, but not for administration login. Here I always use root with local password. Order of servers us default.
Console I have. SSH I can enable over console. But as it is night in Europe this must wait till tomorrow.
Any hint that can help would br apreciated.
At keast I have created a backup before update.
Logged
franco
Administrator
Hero Member
Posts: 17473
Karma: 1587
Re: 18.7: password not acepted any more after update
«
Reply #3 on:
July 31, 2018, 10:56:28 pm »
Yup, from the console / SSH option 3) Reset the root password will turn Local Database back on. You will need to log into GUI, go to System: Settings: Administration, scroll down to Authentication Server and select both "Local Database" and your LDAP Server.
Cheers,
Franco
Logged
Reiter der OPNsense
Full Member
Posts: 115
Karma: 11
Re: 18.7: password not acepted any more after update
«
Reply #4 on:
July 31, 2018, 11:03:04 pm »
Same here. After the update to 18.7 it was not possible to log in to the GUI as root, not even via SSH. The password reset function of the installer has helped. Not "3) Reset the root password" on the console (didn't work), but the password reset function which can be started immediately before installation.
Greetings, Stefan
Logged
franco
Administrator
Hero Member
Posts: 17473
Karma: 1587
Re: 18.7: password not acepted any more after update
«
Reply #5 on:
July 31, 2018, 11:20:52 pm »
Hi Stefan,
The password reset of the installer calls the same script that is option 3.
I suspect you skipped answering "y" to "Do you want to set it back to Local Database? [y/N]". The installer reset assumes yes, the script asks but defaults to no.
Cheers,
Franco
Logged
PimB
Newbie
Posts: 29
Karma: 1
Re: 18.7: password not acepted any more after update
«
Reply #6 on:
August 01, 2018, 08:39:23 am »
Same problem, and I can't login as root on the console. I guess I'm locked out.
Logged
franco
Administrator
Hero Member
Posts: 17473
Karma: 1587
Re: 18.7: password not acepted any more after update
«
Reply #7 on:
August 01, 2018, 08:46:06 am »
No, use the 18.7 image password reset feature as previously mentioned.
Logged
PimB
Newbie
Posts: 29
Karma: 1
Re: 18.7: password not acepted any more after update
«
Reply #8 on:
August 01, 2018, 08:55:42 am »
Is that documented yet? I don't know how exactly.
Logged
franco
Administrator
Hero Member
Posts: 17473
Karma: 1587
Re: 18.7: password not acepted any more after update
«
Reply #9 on:
August 01, 2018, 09:27:29 am »
Use a 18.7 image to boot the live mode, start installer, select "reset password" in main menu. Reboot without install, remove image and you can log in. Don't forget to set your correct authentication methods in System: Settings: Administration: Authentication Server.
Cheers,
Franco
Logged
PimB
Newbie
Posts: 29
Karma: 1
Re: 18.7: password not acepted any more after update
«
Reply #10 on:
August 01, 2018, 09:43:33 am »
Aha, like so. Thanks, I'm back in.
Logged
Reiter der OPNsense
Full Member
Posts: 115
Karma: 11
Re: 18.7: password not acepted any more after update
«
Reply #11 on:
August 01, 2018, 09:48:49 am »
Hello Franco,
I chose no because I had absolutely no plan what the problem was.
Before the update I had set System --> Access --> Settings --> Authentication Server = TOTP Server and Authentication Server (fallback) = Local Database. Was the TOTP server set for the GUI logon after the update? That was my original suspicion, but I could not login via TOTP either.
Logged
franco
Administrator
Hero Member
Posts: 17473
Karma: 1587
Re: 18.7: password not acepted any more after update
«
Reply #12 on:
August 01, 2018, 12:00:48 pm »
Yes, TOTP was active. In fact it's always active in your case. Please confirm with the tester that it works.
But it makes no sense to have TOTP and Local set at the same time, because if you don't input the TOTP token you can login because that's your plain local password which gives you zero TOTP benefit.
Cheers,
Franco
Logged
Reiter der OPNsense
Full Member
Posts: 115
Karma: 11
Re: 18.7: password not acepted any more after update
«
Reply #13 on:
August 01, 2018, 12:57:00 pm »
I only use TOTP for VPN users and I was no longer aware that I had set anything under System --> Access --> Settings --> Authentication Server. I probably didn't realize in those days that this setting applied to the GUI.
And I have not assigned an OTP seed for root, because I am not logging in via VPN with this user. That's why the login with root didn't work after the update in my case.
We have learned: If you have set up One-time Password 2 Factor Authentication, you may want to check this setting again BEFORE upgrading.
Logged
franco
Administrator
Hero Member
Posts: 17473
Karma: 1587
Re: 18.7: password not acepted any more after update
«
Reply #14 on:
August 01, 2018, 04:29:08 pm »
Ah, that explains it. It's fine in OpenVPN because each server can select its authentication method.
True about the location too. The new location under System: Settings: Administration is a bit better in 18.7, but still a bit difficult to explain that console login and SSH follow this setting as well.
Cheers,
Franco
Logged
Print
Pages: [
1
]
2
3
« previous
next »
OPNsense Forum
»
Archive
»
18.7 Legacy Series
»
18.7: password not acepted any more after update