Home Servers Remove WebMin Two Factor Login Authentication

Remove WebMin Two Factor Login Authentication

4
0
104
 Updated: 14NOV2015. 

Ok. Having Two Factor on WebMin was really good thing, till my Moto G and Laptop both died in 48 hours. Not only I lost my regular SSH (command prompt) access to server but also the Google Authenticator app as my phone was formatted during unlock. To login in WebMin, I had to disable WebMin two-factor authentication.

If you have root SSH access then you can follow the guide from section editing ‘miniserv.conf’ file section else just continue with Rescue shell as detailed below to disable webmin two factor.

Login to your Server’s Admin control panel. This is the account you get from your host/server provider (e.g. SolusVM, Cpanel, etc.). Below example is for SolusVM.

Start Rescue Shell if Regular SSH is inaccessible
Start Rescue Shell if Regular SSH is inaccessible

In control panel try to find something like Serial Console, Rescue root, Rescue access, Temporary SSH or Shell access. Click on it and start the session. You might be asked for Session Time.

Session Time for Rescue Shell
Session Time for Rescue Shell

Select your session time and start the session. You will get rescue root details for your server. If you select JAVA session then you might get a prompt on your machine. Click Yes for JAVA access.

Fire up your SSH/Shell Client and fill up the login credentials as shown and login to your server. This rescue shell is very useful when you lost your regular shell access.

 
Navigate to the directory/folder “/etc/webmin/” using,

cd /etc/webmin/

First we will disable the TOTP service.

Edit the file ‘miniserv.conf’ using Nano or Vi,

nano miniserv.conf

Find a line which says something like below,

twofactor_provider=totp

Remove this line and save the file with exit.

Now, you must remove the authentication key from User file. Edit the file ‘miniserv.users;,

nano miniserv.users

Find the username you use with Two Factor authentication. You will see something like as shown,

Adminuser:1$35456411$dsfd4RTWwedw124/:2:::::::1:1:totp:FEGSR556324322FFW:

The last section with ‘totp’ is the place where WebMin Two factor starts. Delete the section till end, starting from ‘totp’. Your final comment should look like below,

Adminuser:1$35456411$dsfd4RTWwedw124/:2:::::::1:1:

Save the file with Ctrl+X and then Yes (for nano editor)

Now, restart WebMin using,

service webmin restart

Now, try to access WebMin login using browser with access URL. There won’t be any Second factor token code and you will be able to login to WebMin.

There are other ways to disable WebMin two factor. However, this one is easiest and works every time.

Disclaimer: The amazingly fast and zero downtime server for this test and workaround was provided by GoDaddy VPS.
Load More Related Articles
Load More In Servers

4 Comments

  1. Meg Liaren

    November 27, 2014 at 11:11 am

    God sent. This saved me from losing a gig. I setted up the Webmin two factor with my phone and then removed the app without remembering that it was there. Thanks I was able to remove two factor and then re-setup it with clients phone. Thanks

    Reply

  2. Priya

    December 4, 2014 at 7:06 am

    Short and sweet help out as I got locked with Google authenticator and Webmin.

    Reply

  3. Kriloe

    November 15, 2015 at 5:51 am

    As this is updated, I take that it still works and disable webmin two factor?

    Reply

    • Mrinal Buddekar

      November 15, 2015 at 5:52 am

      Yes, this is the easiest and always working way to disable webmin two factor authentication. When you re-enroll from panel then required entries will be put back with new authentication hashes.

      Reply

Don't hesitate. Comment!

Check Also

How to change Wifi Adapter IP on Windows 10

Quick guide with screenshot to help you fix IP configuration on Windows 10. …