Ad blocker detected: Our website is made possible by displaying online advertisements to our visitors. Please consider supporting us by disabling your ad blocker on our website.
When I enter the wrong login and password, the system responds that I do not enter it correctly. And when I enter correctly, the system writes me a mistake Permission Denied
Even the password changed, not the input. Does not help !
Please, help me!
--------------------------- My OS FreeBSD 11
Version Cacti : 1.1.24
paulgevers wrote:Ah, sorry, you didn't install the cacti package? Than I haven't said anything.
I thought (but I never install cacti manually, always from the Debian/Ubuntu package) that on initial install you get asked questions before you need to log in (the installi is without credentials, that is the part I don't like for Debian/Ubuntu, so I fixed that). I believe the install asks you which password to use for admin, but I may be wrong.
Anyways, you can also set the password in MySQL/MariaDB if admin/admin is really not working for you:
UPDATE user_auth SET password=md5('your_new_password'), must_change_password='' WHERE id=1;
I was able to change the password from the default admin to something, but I am still getting the same error of:
Permission Denied
You are not permitted to access this section of Cacti.
If you feel that this is an error. Please contact your Cacti Administrator.
You need to be careful with doing this kind of update on a users password. In future versions of Cacti, the MD5 availability of password comparison could disappear. I know that there is an outstanding pull request for updating some of the password code to ensure compatibility between old and new as the 1.1.27/28 code has some flaws in it. But in future, that could all disappear with the user of password_hash and password_verify functions of PHP. I don't believe there is a MySQL compatible version so a custom PHP page would have to be written.
paulgevers wrote:Ah, sorry, you didn't install the cacti package? Than I haven't said anything.
I thought (but I never install cacti manually, always from the Debian/Ubuntu package) that on initial install you get asked questions before you need to log in (the installi is without credentials, that is the part I don't like for Debian/Ubuntu, so I fixed that). I believe the install asks you which password to use for admin, but I may be wrong.
Anyways, you can also set the password in MySQL/MariaDB if admin/admin is really not working for you:
UPDATE user_auth SET password=md5('your_new_password'), must_change_password='' WHERE id=1;
I was able to change the password from the default admin to something, but I am still getting the same error of:
Permission Denied
You are not permitted to access this section of Cacti.
If you feel that this is an error. Please contact your Cacti Administrator.
You need to be careful with doing this kind of update on a users password. In future versions of Cacti, the MD5 availability of password comparison could disappear. I know that there is an outstanding pull request for updating some of the password code to ensure compatibility between old and new as the 1.1.27/28 code has some flaws in it. But in future, that could all disappear with the user of password_hash and password_verify functions of PHP. I don't believe there is a MySQL compatible version so a custom PHP page would have to be written.
mysql> update user_auth set password=’34819d7baaaee0934a5c854bc85b3e44′ where username=’admin’;
It's not strange that updating the password helped, but it's impossible to enter the system.
Friends, how can you help in this situation? What's next, I'm at an impasse!
Cacti is designed so that you create a database, install the source, run the /install/ folder and then login.
Paul's backports some of that work for you so that all you have to do is the /install/ sections that aren't already completed which added some security to the debian/ubuntu versions by setting the DB user and admin user passwords to a secure random password which is stored in the file above. That password is only readable by the sysadmin so can't be guessed easily if it is never changed.
Unfortunately, there are quite a few older installation guides out there though there are only a few guides updated to the latest versions. Good to hear that you got it working though by starting over.
Paul - The only thing I would suggest as an update, set the "change password" flag? Make them update as they log in that first time to ensure the change you recommend.
mysql> update user_auth set password=’34819d7baaaee0934a5c854bc85b3e44′ where username=’admin’;
It's not strange that updating the password helped, but it's impossible to enter the system.
Friends, how can you help in this situation? What's next, I'm at an impasse!
If this is a newer version of cacti with php 5.5 or above, you are better off using code to generate the password and then update the database using the SQL as above because cacti will use the newer password hash functions so try the following:
mysql> update user_auth set password=’34819d7baaaee0934a5c854bc85b3e44′ where username=’admin’;
It's not strange that updating the password helped, but it's impossible to enter the system.
Friends, how can you help in this situation? What's next, I'm at an impasse!
If this is a newer version of cacti with php 5.5 or above, you are better off using code to generate the password and then update the database using the SQL as above because cacti will use the newer password hash functions so try the following:
markv wrote:Paul - The only thing I would suggest as an update, set the "change password" flag? Make them update as they log in that first time to ensure the change you recommend.
I expect every administrator to change the password on first login. In the past Cacti in Debian just followed the Cacti behavior, so there should not be any "unsafe" password out there on systems that are being used. Why I implemented that secure password thing is to avoid having a running Cacti instance without a safe password, especially for admins that didn't release that installing the package would be unsafe without actions (that is not the Debian philosophy).
I don't think upgrading warrants a password change, but please convince me if you still think that is a good idea.
markv wrote:Paul - The only thing I would suggest as an update, set the "change password" flag? Make them update as they log in that first time to ensure the change you recommend.
I expect every administrator to change the password on first login. In the past Cacti in Debian just followed the Cacti behavior, so there should not be any "unsafe" password out there on systems that are being used. Why I implemented that secure password thing is to avoid having a running Cacti instance without a safe password, especially for admins that didn't release that installing the package would be unsafe without actions (that is not the Debian philosophy).
I don't think upgrading warrants a password change, but please convince me if you still think that is a good idea.
I agree upgrading doesn’t. I was just thinking of the first install when you set the password also mark it as expired.
