[SOLVED] Lost access to proxmox control panel

R

rolcom

Member
Jun 22, 2020
8
1
8
Hi,

I added a new user "John" from the terminal, added it to the sudo group, then I proceeded to add "John" to the users from the Proxmox panel and gave all the rights.

I tested that both SSH connection and panel were working fine, I had all permissions and could see everything in the control panel.

Then I disabled the root account from proxmox panel, and also changed SSH port and disabled root login...

Now when I try to login with John's credentials into proxmox panel all I see is the node, and then everything blank as if I had not permissions.


So, I have root access from the terminal, but I have no idea how to re-enable the root user in the proxmox panel (also I dont know why did John lost his powers).

Thanks.
 
hi,

do not disable the root login as some actions are only allow to be done by root@pam. if you re-enable the root login on /etc/ssh/sshd_config you should be able to log-in as root again.

rolcom said:
Now when I try to login with John's credentials into proxmox panel all I see is the node, and then everything blank as if I had not permissions.
Click to expand...

try going to Datacenter -> Permissions and add a new user permission:
2020-06-23-150003_293x212_scrot.png
 
  • Like
Reactions: rolcom
rolcom said:
and also changed SSH port and disabled root login...
Click to expand...
may i ask you why did you changed SSH port? if for Security stuff, not good idea :| A better idea is to use your iptables.

as @oguz said you not need disable root user.

Also you can use root with Two Factor Authentication

rolcom said:
So, I have root access from the terminal, but I have no idea how to re-enable the root user in the proxmox panel (also I dont know why did John lost his powers).
Click to expand...

This CLI will be re-enable login ui again
pveum user modify root@pam --enable 1
 
  • Like
Reactions: rolcom
oguz said:
hi,

do not disable the root login as some actions are only allow to be done by root@pam. if you re-enable the root login on /etc/ssh/sshd_config you should be able to log-in as root again.
Click to expand...

Ok, I'll have that on mind, I've re-enabled it again but I can't login into the panel as I disabled the root user within the panel.

Moayad said:
may i ask you why did you changed SSH port? if for Security stuff, not good idea :| A better idea is to use your iptables.
Click to expand...
Yes, I always change it to avoid the spam... It was always the most easy and fast way to stop it, I will start using iptables now and doing ssh connection from another server...

oguz said:
as @oguz said you not need disable root user.
Also you can use root with Two Factor Authentication
Click to expand...
Thanks, I will use TFA. And I've re-enabled it again in the ssh config.

oguz said:
This CLI will be re-enable login ui again
pveum user modify root@pam --enable 1
Click to expand...
That seems to be the command I was looking for, BUT... looks like I dont have that command?
I tried installing the package pveum but couldnt find any with apt install.

I upgraded from 5.4 to 6.2, so I might be missing something...

These are the contents of my sources.list.d folder
pve-enterprise.list
Code: 
deb https://enterprise.proxmox.com/debian/pve buster pve-enterprise

pve-install-repo.list
Code: 
deb http://download.proxmox.com/debian buster pvetest
deb http://download.proxmox.com/debian buster pve-no-subscription

sources.list
Code: 
#
deb http://debian.mirrors.ovh.net/debian buster main contrib non-free
deb-src http://debian.mirrors.ovh.net/debian buster main contrib non-free

deb http://security.debian.org/debian-security buster/updates main
deb-src http://security.debian.org/debian-security buster/updates main

# buster-updates, previously known as 'volatile'
deb http://debian.mirrors.ovh.net/debian buster-updates main
deb-src http://debian.mirrors.ovh.net/debian buster-updates main
 
maybe this from your terminal environment do this command and see pveum if exists

Code: 
ls -la /sbin/pveum
 
Ok.. I was using su root without dash so I didnt get the right path for the binaries...
Now I DO have the command, now the root user has been enabled again in the panel and everything works fine.

THANK YOU ALL.
 
  • Like
Reactions: oguz
Hi, I'm having a similar issue. I created a new user (no permissions, stupid I know) and disabled root user. I can login from my old laptop (which is running the proxmox server) as root. I've run the above command and also changed the /etc/pve/user.cfg file, but I still cannot login as root user on the web gui. Any idea on how to fix this?
 
mimitair said:
Hi, I'm having a similar issue. I created a new user (no permissions, stupid I know) and disabled root user. I can login from my old laptop (which is running the proxmox server) as root. I've run the above command and also changed the /etc/pve/user.cfg file, but I still cannot login as root user on the web gui. Any idea on how to fix this?
Click to expand...
I was not using the correct authentication (linux pam VS proxmox VE) at login. Using linux pam let me login as root again.
 
rolcom said:
Ok.. I was using su root without dash so I didnt get the right path for the binaries...
Now I DO have the command, now the root user has been enabled again in the panel and everything works fine.

THANK YOU ALL.
Click to expand...
what CLI, are u used , to reEnable root user , Please share i have same problem in Proxmox 7 ?
 
You must log in or register to reply here.
Top Bottom