Updated: 14NOV2015.

Ok. Having Two Factor on WebMin was really good thing, till my Moto G and Laptop both died in 48 hours. Not only I lost my regular SSH (command prompt) access to server but also the Google Authenticator app as my phone was formatted during unlock. To login in WebMin, I had to disable WebMin two-factor authentication.

If you have root SSH access then you can follow the guide from section editing ‘miniserv.conf’ file section else just continue with Rescue shell as detailed below to disable webmin two factor.

Login to your Server’s Admin control panel. This is the account you get from your host/server provider (e.g. SolusVM, Cpanel, etc.). Below example is for SolusVM.

Start Rescue Shell if Regular SSH is inaccessible
Start Rescue Shell if Regular SSH is inaccessible

In control panel try to find something like Serial Console, Rescue root, Rescue access, Temporary SSH or Shell access. Click on it and start the session. You might be asked for Session Time.

Session Time for Rescue Shell
Session Time for Rescue Shell

Select your session time and start the session. You will get rescue root details for your server. If you select JAVA session then you might get a prompt on your machine. Click Yes for JAVA access.

Fire up your SSH/Shell Client and fill up the login credentials as shown and login to your server. This rescue shell is very useful when you lost your regular shell access.

Navigate to the directory/folder “/etc/webmin/” using,

cd /etc/webmin/

First we will disable the TOTP service.

Edit the file ‘miniserv.conf’ using Nano or Vi,

nano miniserv.conf

Find a line which says something like below,

twofactor_provider=totp

Remove this line and save the file with exit.

Now, you must remove the authentication key from User file. Edit the file ‘miniserv.users;,

nano miniserv.users

Find the username you use with Two Factor authentication. You will see something like as shown,

Adminuser:1$35456411$dsfd4RTWwedw124/:2:::::::1:1:totp:FEGSR556324322FFW:

The last section with ‘totp’ is the place where WebMin Two factor starts. Delete the section till end, starting from ‘totp’. Your final comment should look like below,

Adminuser:1$35456411$dsfd4RTWwedw124/:2:::::::1:1:

Save the file with Ctrl+X and then Yes (for nano editor)

Now, restart WebMin using,

service webmin restart

Now, try to access WebMin login using browser with access URL. There won’t be any Second factor token code and you will be able to login to WebMin.

There are other ways to disable WebMin two factor. However, this one is easiest and works every time.

By Mrinal Buddekar

Data Manager and a technology enthusiast! Mrinal Buddekar is Pune based blogger who loves building server, websites, technology, and affiliate blogging.

Hey there!

Help us reach out to awesome people lie you out there. We publish Tech and WordPress, Deals, and Reviews. WE DON'T SPAM!

Your Information will never be shared with any third party