Reset Fog Password
-
If you simply want to reset the fog ui user
fogback to the default you could execute these steps.- Log into the FOG server’s linux console and use sudo to switch to root.
sudo su - - Confirm you are root
whoami - Log into mysql client
mysql -u root - Switch to the fog database
use fog; - Update the fog ui password. (SQL code borrowed from Tom’s post)
UPDATE fog.users SET uPass = MD5(‘password’) WHERE uName = ‘fog’; - Confirm that its set
select uPass from users where uName = 'fog'; - Attempt to log into the web ui with use
fogand the default password. - Change the password so something secure.
Hint: The apache access log would give you the IP address of the system that was used to log into the fog ui when you suspected the password was changed. Find the owner of that IP address and talk to them using a big baseball bat.
- Log into the FOG server’s linux console and use sudo to switch to root.
-
@george1421 for 1.2.0 blowfish encryption wasn’t used, at least I don’t think it was it’s been a while. The md5 method will work for all versions for now though as when you login if it finds the password was md5 it updates it to blowfish style encryption.
Please help us build the FOG community with everyone involved. It's not just about coding - way more we need people to test things, update documentation and most importantly work on uniting the community of people enjoying and working on FOG! Get in contact with me (chat bubble in the top right corner) if you want to join in.
Web GUI issue? Please check apache error (debian/ubuntu: /var/log/apache2/error.log, centos/fedora/rhel: /var/log/httpd/error_log) and php-fpm log (/var/log/php*-fpm.log)
Please support FOG if you like it: https://wiki.fogproject.org/wiki/index.php/Support_FOG
-
@tom-elliott Yeah, your way is a bit easier. I just tried to reverse engineer what I had on hand. I didn’t consider how old 1.2.0 was. Well done!.
Full Disclosure: I updated my post with your SQL code which is more appropriate.
-
@tom-elliott
Sorry, I didn’t make it clear. It was through Web UI using an Office Computer that is connected to the server over PXE.
Yes, I have this option in mind (updating fog). -
This post is deleted! -
@richardname hashes by their very nature are unable to be decoded. The best you could do is a dictionary attack that would try any/all combinations until a matching hash is found.
-
@tom-elliott
Its what I did
Hash found! Guilty Found! -
-
This post is deleted! -
@richardname Impressive that you found out who it was by the password.
-
For future readers: https://wiki.fogproject.org/wiki/index.php?title=Password_Central
