No acces to GUI after disabling 2fa

B

basti2s

Member
Jul 27, 2021
35
0
6
31
Hello,

i have almost the same problem described in this topic: https://forum.proxmox.com/threads/lost-access-to-web-admin-after-disabling-2fa-totp.93581/
But the Solution of this topic dont work in my case.

So let us start from the beginning. I have used 2fa for my root@pam user. I wanted to test something, so i had to tourn off the 2fa. What i did is i disabled the 2fa for my root@pam user under "Access Control/Two Factor Authentication". The result of my brilliant idear is that, i am not able to login with my root@pam user. (Like in the topic linked below). The user there told that the whole user is disabled and you have to add user:root@pam:1:0:::censored@protonmail.com::: into the user.cfg. But it dont works. There is always an syntax error. Here my user.cfg:
Code: 
user: root@pam
        email xxxxx@web.de
        enable true
        expire 0
        firstname Bastian
        lastname xxxxx

user: bastian@pbs
        email xxxxxxx@web.de
        enable true
        expire 0
        firstname Bastian
        lastname xxxxxx

token: root@pam!backup
        enable true
        expire 0
I think the user.cfg isnt the problem? What can i do?
 
hi,

that thread is about PVE, not the backup server.

removing the user's 2fa authentication doesn't cause any issue here.

basti2s said:
he result of my brilliant idear is that, i am not able to login with my root@pam user
Click to expand...
are you choosing the correct linux pam realm when trying to log in?
 
i have tried both. And both dont work. With my other user bastian@pbs i can login. But the problem is, that it has no superuser rights. So it dont help a lot i guess
 
can you try changing the root password from ssh? run passwd and reset the password and try to login again...

you can also check in /etc/proxmox-backup/ to see if there's anything left in tfa.json file (in case the 2fa wasn't removed correctly, but i think this is unlikely.)

if that doesn't work please post the version info: proxmox-backup-manager versions --verbose
 
Thanks for your answer.
I changed the password via passwd and tried to login - didnt work
I checked the tfa.json there was a very long line with code left. I deleted it and tried to login again - didnt work
Then i tried some other things , now i am nomore able to connect to the GUI. I think at this point, a complete reinstall of the PBS is easier for me, than searching the problem, even if there was no important data stored on it at the moment.
 
open vi /etc/proxmox-backup/tfa.json
find "enable":false,"
change to "enable":true,"
Try login with pam , working.
 
  • Like
Reactions: elmo
You must log in or register to reply here.

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Quick Navigation

Home Get Subscription Wiki Downloads Proxmox Customer Portal About

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!
Community platform by XenForo® © 2010-2024 XenForo Ltd.
Top Bottom