Root password no longer works for Virtualmin, but works over SSH

I’m at the end of my rope here. One day recently – several weeks ago, that’s how long I’ve been working on this off and on – I could no longer log into Webmin/Virtualmin (GPL) as the root user. I use a password manager, and you’ll just have to believe me that I know what I’m doing and have never had this problem on any type of a system before. There was nothing that I did immediately beforehand to cause this to happen; one day the root password simply no longer worked when I went to log into Virtualmin.

The same password I have been using to log into Virtualmin works over SSH, but not when logging into the web interface as root. It’s bizarre. I’ve read a lot of search results, and I’m 99% certain that my Webmin system uses the same passwords as the Linux system. I haven’t changed that on any of my Webmin-run servers.

But when I change the password of root on the command line with passwd, I still cannot log into Virtualmin with the new password. In case some special character was causing a problem, I even used a password with only letters and numbers. And all has been copied and pasted; I’m not leaving anything to chance. I still cannot log in.

Of all the search results, this one seemed the most relevant: Password change and now I’m locked out. I tried to change the root password with this command, while in the /usr/libexec/webmin directory:

./changepass.pl /etc/webmin root PASSWORD

The output was:

Password for Webmin user root updated successfully

Great! We’re getting somewhere. But when I try to log into Virtualmin:

Warning!
Login failed. Please try again.

I do note, though, that the entry for the root user in /etc/webmin/miniserv.users has changed; before it was:

root:x::::::::0:0:::

… and now it is:

root:$6$13080545$xxDyYy0gvtLE2J5F35j7bC/SRiAn6h4.ESCafqSyrnQE87ysdv8789fTxEaqJGiV06qQRfbCPcMp5XLw46fSv2Qo60::::::::0:0

(I’ve messed up that hash, by the way.)

From [solved] Login fails with root : password but ssh access works - #7 by Ilia I also tried this:

webmin passwd --user root

… with all the same results as the above attempt.

I’m 99.9999% certain that this server has not been rooted. If it was I would have known long ago and, besides, I wouldn’t be able to log in over SSH as root. The two websites it hosts (that’s all it hosts) are untouched, and no spam has been or is being sent from the server. Trust me, I would know.

My VPS provider (Linode) has an option to reset the root password, but I have the root password and can log in over SSH, and I can change the root password myself on the command line (as noted above with passwd), so I’m certain that going that route won’t fix this problem.

I have tried rebooting the server, and that didn’t help either.

Has anyone else had and solved this problem before?

Craig

I found this from joe

You can manually edit this file and make the line for the root user look like:

root:x::::::::0:0:::

This will make Webmin use Unix authentication for this user.

Also, does the /etc/pam.d/webmin file exist and look like this on your system:

#%PAM-1.0
auth    required        pam_unix.so     nullok
account required        pam_unix.so
session required        pam_unix.so

Thanks, @stefan1959. Yes, that was the post I looked at and followed. Didn’t help.

@Ilia That’s how the root entry in that file looked before though, before I followed the instruction for changing the root password on the command line. But I have followed your advice and manually edited the file with that root entry (and deleted the old root entry) and I get the same failure when I try to log into Virtualmin, including after restarting Webmin.

Oh, and yes, that’s exactly how that file looks. It has not been recently modified either.

check the secure log, maybe it shows whats going on

image1193×645 116 KB

Not really. From my IP address it just shows my successful SSH log-ins.

are you using the IP address or domain.
maybe try the https://ipaddress:10000/
make sure you accessing the right server if you have more then one.

Well, that was it. It seems that the client changed their DNS records recently, and so the sub-domain that was pointing to their Virtualmin installation ended up pointing to a default IP address, that was the address of another Virtualmin installation! This crossed my mind, but only briefly and I ignored the thought because it didn’t make any sense.

So now I’m very embarrassed! This was a stupid thing to overlook. Thank-you @stefan1959!

However, it raises a point that struck me when I first started using Virtualmin years ago. The log-in screen states, “You must enter a username and password to login to the server on DOMAIN IN THE BROWSER’S ADDRESS BAR”. That’s nice, because I probably typed that address into the address bar, and so I expect that that’s where I’m logging in. But in this case, the domain stated in that message was in fact the correct sub-domain, but it clearly wasn’t the server I wanted to log into! So I believe that message needs to be configurable by the server owner. They can leave it to display the URL in the browser’s address bar (that can be the default), or they can configure it to read, “ABC Hosting Company” or even cp.example.com or something like that.

@Ilia? What do you think about that?

I’ve posted this suggestion under “Blue Skies”: Domain displayed on Virtualmin log-in screen

Thanks for starting a new thread! This is a right thing to do; I will comment on it.

This topic was automatically closed 8 days after the last reply. New replies are no longer allowed.