Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Revisit to lost admin password

    Scheduled Pinned Locked Moved General pfSense Questions
    12 Posts 4 Posters 2.9k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • H Offline
      heper
      last edited by

      why doesn't the php script work ? (granted, its been a while since i've tried this)

      https://doc.pfsense.org/index.php/Locked_out_of_the_WebGUI

      1 Reply Last reply Reply Quote 0
      • T Offline
        tolistim
        last edited by

        I can't get into the normal console from single user mode that I'm aware of.

        It doesn't work because the php interpreter isn't found.

        1 Reply Last reply Reply Quote 0
        • D Offline
          doktornotor Banned
          last edited by

          What single user mode? Have you password-protected the console menu, or… ?

          1 Reply Last reply Reply Quote 0
          • T Offline
            tolistim
            last edited by

            The original admin has the console and the webgui locked down.  The only "IN" that I can find is through option 5 on the pfSense boot menu for single user mode.

            Once booted and sitting at the sh prompt, I remount "/" as rw and try to exec "/etc/rc.initial/password" which results in a "command not found" message.  Starting it with "/bin/sh /etc/rc.initial/password" results in the php interpreter not found.

            1 Reply Last reply Reply Quote 0
            • H Offline
              heper
              last edited by

              you can try this:

              
              /usr/local/bin/php /etc/rc.initial.password
              
              
              1 Reply Last reply Reply Quote 0
              • T Offline
                tolistim
                last edited by

                That was the missing piece, but I got to the result via a more "unexpected" route.

                I discovered that the old admin had created our custom admin account for the system, but had never disabled the default admin / pfsense account.  On a whim, I just tried logging in with those credentials and et voila!

                It never ceases to amaze me how some people can even get out of bed without killing themselves…

                1 Reply Last reply Reply Quote 0
                • D Offline
                  doktornotor Banned
                  last edited by

                  @tolistim:

                  I discovered that the old admin had created our custom admin account for the system, but had never disabled the default admin / pfsense account.

                  I would think that it was not really such a loss, regarding the former admin…  :o ::)

                  1 Reply Last reply Reply Quote 0
                  • T Offline
                    tolistim
                    last edited by

                    Yes - uncovering lots of little things that are wrong with our internal systems.  I now know why he had the firewall at his desk instead of in the server room.

                    A friend once told me "that old adage of 'you get what you expect' is wrong.  It should be 'you get what you INSPECT'."

                    I'm starting to realize the wisdom in that.

                    1 Reply Last reply Reply Quote 0
                    • KOMK Offline
                      KOM
                      last edited by

                      "Oh, for God's sake!"

                      HLJskgQ.png
                      HLJskgQ.png_thumb

                      1 Reply Last reply Reply Quote 0
                      • T Offline
                        tolistim
                        last edited by

                        Definitely!

                        1 Reply Last reply Reply Quote 0
                        • First post
                          Last post
                        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.