Thread Info
  • State Verified Answer
  • +2 person also asked this people also asked this
  • Locked Locked
  • Replies 17 replies
  • Answers 2 answers
  • Subscribers 6 subscribers
  • Views 48414 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

How to hardware-reset (or passwort reset) without monitor or console?

Gabriel Lohre

Hi everybody,

 

since my KeePass container somehow disposed my admin-password to the utm webinterface (UTM 120 appliance), I am no longer able to gain access to it.

I tried to hook up a serial connection, but everything putty (or kitty, tried both) shows is a blank, black CLI. Nothing else. COM interface as shown in windows settings with speed of 9600 (default setting).

When linking the appliance via VGA to my monitor, it shows a nice and clean nothing to it (e.g. the monitor changes from analog back to digital due the lack of a signal).

The appliance was updated to the newest version two weeks ago, if that information is helpful.

So, the big question is: How will I be able to regain access to the aapliance? Data-loss accepted if needed.

Any ideas? What am I doing wrong?



This thread was automatically locked due to age.
Parents
  • 0

    Hi,

     

    since the appliance is not showing anything on VGA ... i must agree to .

    Did you try to power it down with VGA plugged in and restart it ?

    Anything showing up then ?

    Alt least you should be able to see BIOS Prompt or sth.

     

    Cheers,

    Chris

  • 0 in reply to ChrisBKA

    Hi everybody,

     

    I managed to gain access to the appliance via VGA/Keyboard on a different sorrounding. Don't know, why it did not work in my home setting. So I hesitate to reinstall the appliance.

    Anyways´. I followed this instructions (www.mxwiki.com/.../sophos-utm-password-recovery-procedure) to reset root/loginuser password. Everything worked until step 9. 

    After reboot, the newly set passwords do not work. Tried again, in case or mistyping or something. Still not working. I can neither login to webadmin with admin/rootpassword or to the still attached direct connection using the newly set root or loginuser passwords.

    What the heck am I doing wrong? =(

  • 0 in reply to Gabriel Lohre

    Hi,

     

    I am not quite shure, whether this procedure is still working in your version.

    It was written in v9.1 ... so maybe they've changed something since then.

    btw: did the webinterface promt you to enter new admin password ?

    from https://www.mxwiki.com/password/sophos/sophos-utm-password-recovery-procedure

    I have to try it out myself... maybe this evening.

    Cheers,

    Chris

Reply
  • 0 in reply to Gabriel Lohre

    Hi,

     

    I am not quite shure, whether this procedure is still working in your version.

    It was written in v9.1 ... so maybe they've changed something since then.

    btw: did the webinterface promt you to enter new admin password ?

    from https://www.mxwiki.com/password/sophos/sophos-utm-password-recovery-procedure

    I have to try it out myself... maybe this evening.

    Cheers,

    Chris

Children
  • 0 in reply to ChrisBKA

    Hi Chris,

     

    thanks for the hint. My 120 is running on UTM 9.4,so maybe this is the problem here.

    I did not get the set-new-pass form. Just the normal login. 

    Is there another procedure to perform this password reset on the current 9.4 version?

     

    Greets,

     

    Gabriel

  • 0 in reply to ChrisBKA

    That is the exact procedure described in the link I posted ... which did not work.

    Everything is fine util step 15 (in your link).

    But I can not log in with the newly set passwords. It seems, they are just not stored correctly. Or are there some hidden password requirements which prevent me from using the chosen passwords (upper- and lower-case, 14 chars) so the passwords are discarded without any error message?

  • 0 in reply to Gabriel Lohre

    You need to log in as "root" to the UTM from Shell to execute "cc". I think you are logged in as a home user which gives an error. Could you show us the error that you see after step 15.

    Thanks

  • 0 in reply to sachingurung

    Sure. Here you go.

     

     

    The password entered in the screen above is the very same password, I configured in the steps earlier. Tried that multiple times.

    As I said: Neither the root-password nor the loginuser-password is accepted afterwards, even if entered correctly as configured before.

  • +1 in reply to Gabriel Lohre

    Hi,

     

    afaik there is no requirements in this bootmode... have u tried entering an stupid password like ... test or something?

    Maybe there is another keymap in recoverymode than in your actual setup ?

    qwertz to qwerty or sth ?

     

    Cheers,

    Chris

  • +1 in reply to ChrisBKA

    Soooo, seems there was probably a problem with the user Password before.

    I had tried my two firstnames as example. Both using the correct key mapping to a qwerty layout (even when used on qwertz as you correctly assumed).

    So this time, I tried "test" as password for root. I immediately tried it out after reboot and I was able to login. NICE! Appliance beeped shortly afterwards as signal to be booted completly. "exit" -> relogin: "password incorrect" *WTF*

    There is ANOTHER hurdle: Sophos (nicely) checks the used passwords agains simplicity, length and (and this I did not expect) dirctonary. So obviosly, both names where contained in that dictionary. 
    Either the password was accepted without error or, which may be now as I saw the specific errors, I just oversaw that password because the shell still announce the password as being set. Even if it is not, as it seems.

    Next turn, I tried out some passwords an finally "ClosedDoor" did not throw any errors (nothing in dictionary, huh? Oo). 

    Login worked, password-reset worked, set-new-webadmin-password-form showed up.

    On webadmin I changed the passwords to strong ones, excluding not-same-mapped characters. Tried to login to console with the new password: Works (typing random 30 chars is a pain, when shell resets after some seconds xD )

     

    tl;dr: Reset worked with both instructions (obviously as they were the same). Just keep an eye on the password policy errors!

     

    Thanks you both for your nice help :)

  • 0 in reply to Gabriel Lohre

    Hi,

    good to hear.

    So then ... njoy your new admin console ... maybe this time u should backup keepass container ;-)

     

    Cheers,

    Chris

  • 0 in reply to Gabriel Lohre

    Gabriel

    You really made my day!

    A year ago I went insane with the same problem on two UTMs. Nobody could help me including Sophos Support.

    Solution was always: "You have a special problem - normally the reset-instruction works - do a Factory reset or re image the box".

    Reading the post I already smiled pitying because I assumed you wouldn't find a proper answer (which you didn't -> you solved it yourself).

    Thanks a lot! I'll document it in our knowledge DB and link your post :-)

    Maybe Bob should add it to the "rulez".

    Cheers

  • 0 in reply to ChrisBKA

    Chris, Janbo suggested that I add your trick to the Rulz, but I'm afraid I don't understand.  If the loginuser and root passwords are no longer known and one cannot get into WebAdmin, what is your solution?

    Cheers - Bob