Reset Root and webui password from user account

  • Hi,


    I've been running my OMV5 NAS at home for almost a year now with no issues; however, I recently wanted to update some of my webui settings and realised that my webui as well as root passwords are not working anymore. I can still log into both with my user account; however, I am not a super user and cannot fix the above-mentioned issues. I've set up my OMV to send logs to an email where I can see the message below (date and time replaced with xx for privacy):


    the following users are locked/banned or are candidates for too many failed login attempts:

    Login    Failures    Latest failure       From
    root     2           xx/xx/xx xx:xx:xx    unknown
    admin    9           xx/xx/xx x:xx:xx     unknown

    You can reset their counters and unlock them via the omv-firstaid command.



    What I understand from the above message is that both my root and admin users have been blocked permanently and can only be fixed using the omv-firstaid command; however, to run this command I need a super user account, which I am not. Am I royally screwed or is there a way to redeem myself?


  • If you have console access during the boot you can attempt to reset the root password by following these guides:


    https://www.tecmint.com/reset-…-root-password-in-debian/


    or


    https://www.how2shout.com/linu…rd-in-debian-11-bullseye/

    --
    Google is your friend and Bob's your uncle!


    OMV AMD64 7.x on headless Chenbro NR12000 1U 1x 8m Quad Core E3-1220 3.1GHz 32GB ECC RAM.

    Edited once, last by gderf

  • It worked! Thanks a lot for pointing me straight to the solution.

    I keep forgetting that OMV is built on Debian and I should first check their solutions before asking for help here. Again, thanks for your help. Cheers.

  • votdev

    Added the label "solved".
  • It worked! Thanks a lot for pointing me straight to the solution.

    I keep forgetting that OMV is built on Debian and I should first check their solutions before asking for help here. Again, thanks for your help. Cheers.

    Yer welcome.


    Two takeaways from this situation are:


    Write down your passwords somewhere if you can't remember them, and don't forget where you wrote them down :)


    A machine that can be rebooted and that has a console, even a remote console (SOL/IPMI), can be easily broken into.


  • In regards to your first point, allow me to elaborate the issue.


    While I do keep a record of all the IDs and passwords I set up on my NAS, I believe this root password lockout issue started a while back, as I had been seeing (and ignoring) emails from my NAS saying the root account has been locked out due to x number of incorrect attempts. As per my understanding there could be two reasons for this.


    1. Someone managed to hack into my home network and tried to brute force into my NAS using random passwords and got locked out after 3 attempts.


    2. I'd set up some applications that access data from the NAS, to which I gave "root" access to avoid nuisance configuration issues. BIG MISTAKE on my part. Lesson from this ordeal is I'd rather deal with application issues than lose my root account.


    In regards to your second point, I think I need to revisit my firewall settings :)
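
Added example (not part of the original thread): one way to tell the two explanations above apart is to tally failed logins by account and source address. It assumes the failures arrived over SSH and were logged in OpenSSH's standard "Failed password for ..." format; the log lines and the function names `sample_log` and `tally_failures` are constructed for illustration.

```shell
#!/usr/bin/env bash
# Added example, not from the thread. Assumes OpenSSH-style auth log lines.

# Constructed sample lines (private and documentation address ranges).
sample_log() {
cat <<'EOF'
Jan 10 03:12:01 nas sshd[1201]: Failed password for root from 192.168.1.50 port 40112 ssh2
Jan 10 03:12:31 nas sshd[1203]: Failed password for root from 192.168.1.50 port 40118 ssh2
Jan 10 04:00:07 nas sshd[1300]: Failed password for invalid user admin from 203.0.113.7 port 51514 ssh2
Jan 10 04:00:09 nas sshd[1302]: Failed password for root from 203.0.113.7 port 51520 ssh2
Jan 10 09:15:44 nas sshd[1410]: Accepted password for alice from 192.168.1.20 port 50222 ssh2
EOF
}

# Reads auth log lines on stdin and prints "count user source scope",
# highest count first. scope is "lan" for RFC 1918 sources, else "external".
# Fields are taken from the end of the line ("from IP port N ssh2") so a
# user name chosen by the remote side cannot shift the source column.
tally_failures() {
  awk '
    /sshd\[[0-9]+\]: Failed password for / &&
    $(NF-4) == "from" && $(NF-2) == "port" {
      user = $(NF-5); src = $(NF-3)
      scope = "external"
      if (src ~ /^10\./ || src ~ /^192\.168\./ ||
          src ~ /^172\.(1[6-9]|2[0-9]|3[01])\./) scope = "lan"
      n[user " " src " " scope]++
    }
    END { for (k in n) print n[k], k }
  ' | LC_ALL=C sort -k1,1nr -k2,2 -k3,3
}

# Demo run on the constructed sample.
sample_log | tally_failures
```

A single LAN source that matches a host running one of your own applications points to a stale stored credential; external sources mean the login service is reachable from outside the network. On a Debian system that writes `/var/log/auth.log`, the same function can be fed that file as root.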

    • Official post

    2. I'd set up some applications that access data from the NAS, to which I gave "root" access to avoid nuisance configuration issues. BIG MISTAKE on my part. Lesson from this ordeal is I'd rather deal with application issues than lose my root account.


    In regards to your second point, I think I need to revisit my firewall settings :)

    I'm pretty anal about permissions, etc... configuration isn't that difficult if you just pay attention. Doing everything as root, you might as well be using Windows.

  • I'm pretty anal about permissions, etc... configuration isn't that difficult if you just pay attention. Doing everything as root, you might as well be using Windows.

    The ease with which I was able to reset root password of my machine has completely destroyed my perception of Linux being "safer machines". I think I will have to dedicate next weekend to revisit all of my security settings and reconfigure all applications to run as a user. If I end up losing some applications because they refuse to run with limited access then so be it.

    • Official post

    The ease with which I was able to reset root password of my machine has completely destroyed my perception of Linux being "safer machines"

    Why? Linux is still safer than Windows. If you have local hardware access, no operating system is "safe". Why do you think datacenters typically have such tight security? You could LUKS encrypt the OS partition to prevent this but then you have to deal with that every boot.

    omv 7.0.5-1 sandworm | 64 bit | 6.8 proxmox kernel

    plugins :: omvextrasorg 7.0 | kvm 7.0.13 | compose 7.1.4 | k8s 7.1.0-3 | cputemp 7.0.1 | mergerfs 7.0.4



    • Official post

    The ease with which I was able to reset root password of my machine has completely destroyed my perception of Linux being "safer machines".

    There's a huge difference between accessing an operating system with a local console (where you're sitting in front of the physical machine) versus remotely (where attacks are over the network). Physical access is nearly impossible to defend against, but it's also the least likely scenario. Remote, over the network, access is easiest to execute and it's usually automated.

    There are / have been so many "over the network" Windows exploits it's not even funny. In your case, your Linux server did what it's supposed to do as the last line of defense against a remote attack "AND" the server notified you of the continuing access attempts. With Windows, you might not even know that your server is the target of continuing attacks or that it was compromised.

    If I were you, I'd look at getting a new router or updating your existing router with new firmware with DD-WRT or OpenWrt. (Here's a list of some firmware options, along with pros and cons.)

    The bottom line is, the gatekeeper of your network is your router. It's obvious that you need better security for your network.
