Disable two factor authentication (2FA Google, Yubikey , Access Keyword, DUO)

How do i disable two factor authentication ( 2FA ) for the admin user and others?

For Ezeelogin Version 7 and above

 

1. To disable two factor authentication ( 2FA ) for admin user, run the following commands.

root@jumpserver:~# php /usr/local/ezlogin/ez_queryrunner.php "update prefix_settings SET value = 0 WHERE name = 'two_factor_auth'"

 

root@jumpserver:~# php /usr/local/ezlogin/ez_queryrunner.php "update prefix_users set egs=NULL,eak=NULL,eyk=NULL,set_duo=NULL where id=1"


2. To disable  two factor authentication ( 2FA ) for all users ,run the following command.

root@jumpserver:~# php /usr/local/ezlogin/ez_queryrunner.php "update prefix_users set egs=NULL,eak=NULL,eyk=NULL,set_duo=NULL"

 

 3. To disable two factor authentication ( 2FA ) for user group , run the following command.

root@jumpserver:~# php /usr/local/ezlogin/ez_queryrunner.php " update prefix_usergroups SET force_tfa = 'N' where name = 'usergroup_name'; "

 

Note: Replace the 'usergroup_name' with your user group

Abbreviations:
   eak       = Access Keyword
   eyk       = Yubikey
   egs       = Google Authenticator
   set_duo = DUO 2FA     

 

 

For Ezeelogin Version 6 and below

 

1. Find database name and database prefix from /usr/local/etc/ezlogin/ez.conf in ezeelogin gateway server.

root@jumpserver:~# cat /usr/local/etc/ezlogin/ez.conf

system_folder /var/www/ezlogin/

force_https yes

uri_path /

db_host localhost

db_port /var/run/mysqld/mysqld.sock

db_name ezlogin_por

db_user ezlogin_cxy

db_pass ymhbtPaY)VzD2g]84

db_prefix casmbn_

cookie_encryption_key D8$Frp5fF_FF

cookie_name rlbup

cookie_path /

www_folder /var/www/html/ezlogin/

admin_user ezadmin

mysql_encrypt no


2. Login to mysql command prompt

Replace the "db_user" &  "dn_name" with values in  /usr/local/etc/ezlogin/ez.conf of your ezeelogin jump server.You can find the db password as "db_pass" in /usr/local/etc/ezlogin/ez.conf of your ezeelogin jump server.

root@jumpserver:~# mysql -u db_user -p db_name

4. Run the following command to  two factor authentication ( 2FA ) for admin user

Replace "dbprefix_" with the value of dbprefix_ in  /usr/local/etc/ezlogin/ez.conf of your ezeelogin jump server. For example "dbprefix_settings" is to be replaced with "casmbn_settings" here.

UPDATE dbprefix_settings SET value = 0 WHERE name = 'two_factor_auth' ;

UPDATE dbprefix_users SET egs=NULL,eak=NULL,eyk=NULL,set_duo=NULL where id=1;


Run the following command two factor authentication ( 2FA ) for all users.

UPDATE dbprefix_users SET egs=NULL,eak=NULL,eyk=NULL,set_duo=NULL;

 

 you have to use correct db_name and dbprefix from ez.conf if you are running the mysql commands manually.

5 (1)
Article Rating (1 Votes)
Rate this article
    Attached Files
    There are no attachments for this article.
    Related Articles RSS Feed
    vi editor not working , insert and delete not working in ssh
    Viewed 2612 times since Wed, Jun 14, 2017
    sshd[902]: debug1:PAM: password authentication failed for an illegal user: Authentication failure
    Viewed 5814 times since Thu, Feb 1, 2018
    How to search using IP or other fields instead of host name in jump server ssh interface or gui?
    Viewed 1535 times since Fri, May 4, 2018
    error log file and configuration file to troubleshoot
    Viewed 1986 times since Thu, Jun 15, 2017
    ’Failed to establish SSH session ’
    Viewed 2267 times since Fri, Jun 22, 2018
    Configure Automatic su or sudo
    Viewed 4327 times since Thu, Jun 15, 2017
    F1 - F4 keys not working in ezsh when using PuTTY
    Viewed 20589 times since Wed, Jun 14, 2017
    Blank page in GUI and an error in SSH/backed shell ’ license expired!’
    Viewed 1856 times since Wed, Aug 16, 2017
    setup web ssh console in ezeelogin and ssh via browser
    Viewed 8378 times since Tue, Jan 30, 2018
    Can’t connect to local MySQL server through socket ’3306 ’ in ezsh.log
    Viewed 1960 times since Thu, Jun 15, 2017