Disable two factor authentication (2FA Google, Yubikey , Access Keyword, DUO)

How do I disable Two Factor Authentication ( 2FA ) for the admin user and others?

For Ezeelogin Version 7 and above

 

1. To disable  two factor authentication ( 2FA ) for admin user, run the following commands.

root@jumpserver:~# php /usr/local/ezlogin/ez_queryrunner.php "update prefix_settings SET value = 0 WHERE name = 'two_factor_auth'"

 

root@jumpserver:~# php /usr/local/ezlogin/ez_queryrunner.php "update prefix_users set egs=NULL,eak=NULL,eyk=NULL,set_duo=0 where id=1" 

You can also disable the duo for admin user  by running the following command : 

root@localhost:~ php /usr/local/ezlogin/ez_queryrunner.php "update prefix_users set set_duo=0 where id=1" 

2. To disable Force Two factor authentication for all users, run the following command.

root@jumpserver:~# php /usr/local/ezlogin/ez_queryrunner.php "update prefix_settings SET value = 0 WHERE name = 'two_factor_auth'"

3. To disable  Two factor authentication ( 2FA ) for all users ,run the following command.

root@jumpserver:~# php /usr/local/ezlogin/ez_queryrunner.php "update prefix_settings set value='N' where(name='enable_access_keyword' OR name='enable_google_authenticator' OR name='enable_yubikey' OR name='enable_duo')"

   To clear Two factor Authentication for all users, run the following command.(All users need to reconfigure two factor authenticator after clearing it)

root@jumpserver:~# php /usr/local/ezlogin/ez_queryrunner.php "update prefix_users set egs=NULL,eak=NULL,eyk=NULL,set_duo=0"

 

  4. To disable Force  two factor authentication ( 2FA ) for user group , run the following command.

root@jumpserver:~# php /usr/local/ezlogin/ez_queryrunner.php  " update prefix_usergroups SET force_tfa = 'N' where name = 'usergroup_name'"

Note: Replace the 'usergroup_name' with your user group

Abbreviations:
   eak         = Access Keyword
   eyk         = Yubikey
   egs       = Google Authenticator
   set_duo = DUO 2FA      

 

 

For Ezeelogin Version 6 and below

 

1. Find database name and database prefix from /usr/local/etc/ezlogin/ez.conf in ezeelogin gateway server.

root@jumpserver:~# cat /usr/local/etc/ezlogin/ez.conf

system_folder /var/www/ezlogin/

force_https yes

uri_path /

db_host localhost

db_port /var/run/mysqld/mysqld.sock

db_name ezlogin_por

db_user ezlogin_cxy

db_pass ymhbtPaY)VzD2g]84

db_prefix casmbn_

cookie_encryption_key D8$Frp5fF_FF

cookie_name rlbup

cookie_path /

www_folder /var/www/html/ezlogin/

admin_user ezadmin

mysql_encrypt no


2. Login to mysql command prompt

Replace the "db_user" &  "dn_name" with values in    /usr/local/etc/ezlogin/ez.conf of your ezeelogin jump server.You can find the db password as "db_pass" in  /usr/local/etc/ezlogin/ez.conf of your ezeelogin jump server.

root@jumpserver:~# mysql -u  db_user -p  db_name

4. Run the following command to    two factor authentication ( 2FA ) for admin user

Replace " dbprefix_" with the value of dbprefix_ in  /usr/local/etc/ezlogin/ez.conf of your ezeelogin jump server. For example " dbprefix_settings " is to be replaced with " casmbn_settings " here.

UPDATE dbprefix_settings SET value = 0 WHERE name = 'two_factor_auth' ;

UPDATE dbprefix_users SET egs=NULL,eak=NULL,eyk=NULL,set_duo=NULL where id=1;


Run the following command   two factor authentication ( 2FA ) for all users.

UPDATE dbprefix_users SET egs=NULL,eak=NULL,eyk=NULL,set_duo=0;

 

 you have to use correct db_name and dbprefix from ez.conf if you are running the mysql commands manually.

5 (1)
Article Rating (1 Votes)
Rate this article
    Attached Files
    There are no attachments for this article.
    Related Articles RSS Feed
    User add failed: Error waiting for connection: Cannot add user on this node: Could not connect
    Viewed 2631 times since Wed, Jun 14, 2017
    Install not allowed on this server
    Viewed 713 times since Fri, Mar 20, 2020
    User could not be found on the system:: No error information
    Viewed 956 times since Thu, May 30, 2019
    strange characters in the SSH logs recordings
    Viewed 2835 times since Thu, Jun 15, 2017
    Blank page when clicking add server
    Viewed 2416 times since Wed, Aug 16, 2017
    Trying to install or update a seondary as primary. Use -as_primary option to force it.
    Viewed 492 times since Tue, Oct 27, 2020
    Error on login to Cpanel/WHM from ezeelogin {"status":"success"}
    Viewed 561 times since Thu, Nov 12, 2020
    User modify failed Cannot modify user on this node: Authentication by ssh key failed
    Viewed 4646 times since Wed, Jun 14, 2017
    Unable to access Control Panel Error: Error occurred while communicating with the server
    Viewed 3099 times since Thu, Jun 15, 2017
    An error occurred while trying to submit the form
    Viewed 549 times since Tue, Feb 25, 2020