Guest User!

You are not Sophos Staff.

Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 4 replies
  • Subscribers 27 subscribers
  • Views 776 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

extracting password from XG configuration backup file

LHerzog

I try to compare the admin password from config taken in 18.5.4  and the one that has been taken after the upgrade to 19.0.1.

I have decrypted the backup file with openssl and now I'd like to find the password string - either encrypted or decrypted. Does not matter.

Where can I find it? I searched for obvious patterns in db.dump but no luck?

Reason for this is: community.sophos.com/.../after-upgrade-to-19-0-1-logins-with-admin-user-no-longer-possible



This thread was automatically locked due to age.
Parents
  • +1

    As far as i remember, the admin user is not stored in the backup. This password is set or used of the prior password, you have while restoring the backup. 

    __________________________________________________________________________________________________________________

  • 0 in reply to LuCar Toni

    Thanks - you're probably right. you can only restore the config if you did an initial config including password on a naked appliance or you import it to a running system where the password is also already set.

    will open a case for the linked issue with password not working after upgrade - probably they cannot identify the reason.

  • 0 in reply to LHerzog

    Oddly enough - If the password did not work after an upgrade, MFA should not be involved. Because SSH is not using MFA. So It will be hard to figure out the reason, as it is not active anymore. The best way would be to stay in this defect state, let Sophos Support access the appliance via Support_access and check on the defect live. 

    __________________________________________________________________________________________________________________

Reply
  • 0 in reply to LHerzog

    Oddly enough - If the password did not work after an upgrade, MFA should not be involved. Because SSH is not using MFA. So It will be hard to figure out the reason, as it is not active anymore. The best way would be to stay in this defect state, let Sophos Support access the appliance via Support_access and check on the defect live. 

    __________________________________________________________________________________________________________________

Children
  • 0 in reply to LuCar Toni

    yes, unfortunately you probably don't have the time to wait if you need to do something on SSH.

    They could only recreate it now in their lab on 18.5.4 in HA with the password for the admin received from us and the backup file, then upgrade to 19.0.1

Unfiltered HTML