How Do I Reset My Proxmox GUI User and Password

[Kitamime]

I have a Proxmox server setup. I WAS using the username: crow and password: magic to log into it on both the command line and also on the web GUI but seeing that it was pretty simple and unsecure, I wanted to change the username and password. I first added a new user using the adduser command on the machine CLI. I added the new user: cabbagedrop with the password of varsity1 , I then went into the sudoers file using vi and added cabbagedrop there as well. I then locked the original root username (crow) and password (magic). Now for some reason I cannot log into my Proxmox GUI interface with neither the past usnername (crow) and password (magic) nor the newly created username (cabbagedrop) and password (varsity1). What am I doing wrong and how can I correct this???

Do I need to go into the GRUB settings of my Proxmox machine and mess with the init line like when resetting a password in other Linux distrobutions?
Will doing that allow me to log into my Proxmox GUI web interface??? Please HELP

***NOTE: The usernames and passwords aren't my actual usernames and passwords, understandably***

 

[gfngfn256]

You've created one big mess.

You need to SSH in with some working username + password. (Fill in with birds or salads here! Also try the good old root).
Or you could try from a physically attached monitor to the server.
Then cleanup all your mess.

PUT IT ALL BACK TO HOW IT WAS.

The name root should never be changed. I believe this goes for most regular distros.

You can do all the changes you have indicated from GUI (when you get it working);
Add users, change passwords, do it all ONLY from GUI, you'll save yourself all the hassle.

 

[Kitamime]

You've created one big mess.

You need to SSH in with some working username + password. (Fill in with birds or salads here! Also try the good old root).
Or you could try from a physically attached monitor to the server.
Then cleanup all your mess.

PUT IT ALL BACK TO HOW IT WAS.

The name root should never be changed. I believe this goes for most regular distros.

You can do all the changes you have indicated from GUI (when you get it working);
Add users, change passwords, do it all ONLY from GUI, you'll save yourself all the hassle.

No so, I managed to clean up my mess rather easily. Once I locked the root user from the CLI (the physical one on the host machine), I simply went back in and unlocked it using :
pveum user modify root@pam --enable 1

I was then able to login via the web GUI and old password. Still it's not secure so I added a new user with:
sudo useradd -m 'username here'

I then went into the sudoers config file with:
sudo visudo

Now I need to indeed go into the web GUI and add the new user to the database.

**Thank you so very much for your response and your right too, I indeed made hella mess haha. If you have any advice on how to add my new user to the Proxmox web GUI please done hesitate to explain.

 

[Dunuin]

If you want it secure, use a password manager so you don't have to fill our passwords yourself that could be keygrabbed and use good passwords like "o3-;Q$Tru&3eJ#0#+7.?b#wdun/UQOq+" and never use a password twice. Never store you password in cleartext on any device. Disable password authentification for SSH so only public private key authentification is allowed. There is an option to enable two-factor-authentification for the webUI for additional security. Make sure both BMC and PVE host are only accessible via VPN and not being public on the internet. Its possible to set up fail2ban to temporarily block IPs that are trying to bruteforce your webUI/SSH credentials.

Make sure your PVE host and guests are always up to date. For Debian/PVE there is the unattended-upgrades package that could be installed to automatically apply security patches on a daily basis.

Both varsity1 and magic are terrible insecure passwords that could be cracked using wordlists pretty fast. You shouldn`t use any real words. If the password is easy to type in or to remember, it is a bad password and shouldn't be used.

I like to use KeepassXC + Pageant + KeepassXC Browser extensions synced via Nextcloud/Syncthing between devices. Have proper offline/immutable backups of your password vault and print out your master key and hide it well.

And please never post any passwords online...not even old ones you might want to replace anyway.

 

[gfngfn256]

If you have any advice on how to add my new user to the Proxmox web GUI please done hesitate to explain.

I'm happy you cleared all the "mess" (hopefully).
I'm not sure exactly what you wish to accomplish here. Dunuin has already pointed out important password/security advice.
If you need/wish to add another user, make it clear what you're trying to accomplish, and I will be glad to try & help.

 

[Kitamime]

Simply wanted to change the login creds on the GUI to something secure ...thats all.

 

[gfngfn256]

Simply wanted to change the login creds on the GUI to something secure ...thats all.

Well, you don't / shouldn't need to change the root username. But if you want to change the password for root then assuming you are logged into the GUI with root@pam simply click on the dropdown root@pam and choose Password. Here you can change the password.
Technically it should be possible to create another user who has GUI access, and then lockdown root from the GUI. I strongly advise you against doing this.

 

[Kitamime]

Well, you don't / shouldn't need to change the root username. But if you want to change the password for root then assuming you are logged into the GUI with root@pam simply click on the dropdown root@pam and choose Password. Here you can change the password.
Technically it should be possible to create another user who has GUI access, and then lockdown root from the GUI. I strongly advise you against doing this.

Thank you. Everyone has been so helpful and I'm very appreciative.