Disable two factor authentication (2FA Google, Yubikey , Access Keyword, DUO)

How do i disable two factor authentication ( 2FA ) for the admin user and others?

For Ezeelogin Version 7 and above


1. To disable two factor authentication ( 2FA ) for admin user, run the following commands.

root@jumpserver:~# php /usr/local/ezlogin/ez_queryrunner.php "update prefix_settings SET value = 0 WHERE name = 'two_factor_auth'"


root@jumpserver:~# php /usr/local/ezlogin/ez_queryrunner.php "update prefix_users set egs=NULL,eak=NULL,eyk=NULL,set_duo=NULL where id=1"

You can also disable duo by running the following command : 

root@localhost:~ php /usr/local/ezlogin/ez_queryrunner.php "update prefix_users set set_duo=0 where id=1"

2. To disable  two factor authentication ( 2FA ) for all users ,run the following command.

root@jumpserver:~# php /usr/local/ezlogin/ez_queryrunner.php "update prefix_users set egs=NULL,eak=NULL,eyk=NULL,set_duo=NULL"


 3. To disable two factor authentication ( 2FA ) for user group , run the following command.

root@jumpserver:~# php /usr/local/ezlogin/ez_queryrunner.php " update prefix_usergroups SET force_tfa = 'N' where name = 'usergroup_name'; "


Note: Replace the 'usergroup_name' with your user group

   eak       = Access Keyword
   eyk       = Yubikey
   egs       = Google Authenticator
   set_duo = DUO 2FA     



For Ezeelogin Version 6 and below


1. Find database name and database prefix from /usr/local/etc/ezlogin/ez.conf in ezeelogin gateway server.

root@jumpserver:~# cat /usr/local/etc/ezlogin/ez.conf

system_folder /var/www/ezlogin/

force_https yes

uri_path /

db_host localhost

db_port /var/run/mysqld/mysqld.sock

db_name ezlogin_por

db_user ezlogin_cxy

db_pass ymhbtPaY)VzD2g]84

db_prefix casmbn_

cookie_encryption_key D8$Frp5fF_FF

cookie_name rlbup

cookie_path /

www_folder /var/www/html/ezlogin/

admin_user ezadmin

mysql_encrypt no

2. Login to mysql command prompt

Replace the "db_user" &  "dn_name" with values in  /usr/local/etc/ezlogin/ez.conf of your ezeelogin jump server.You can find the db password as "db_pass" in /usr/local/etc/ezlogin/ez.conf of your ezeelogin jump server.

root@jumpserver:~# mysql -u db_user -p db_name

4. Run the following command to  two factor authentication ( 2FA ) for admin user

Replace "dbprefix_" with the value of dbprefix_ in  /usr/local/etc/ezlogin/ez.conf of your ezeelogin jump server. For example "dbprefix_settings" is to be replaced with "casmbn_settings" here.

UPDATE dbprefix_settings SET value = 0 WHERE name = 'two_factor_auth' ;

UPDATE dbprefix_users SET egs=NULL,eak=NULL,eyk=NULL,set_duo=NULL where id=1;

Run the following command two factor authentication ( 2FA ) for all users.

UPDATE dbprefix_users SET egs=NULL,eak=NULL,eyk=NULL,set_duo=NULL;


 you have to use correct db_name and dbprefix from ez.conf if you are running the mysql commands manually.

5 (1)
Article Rating (1 Votes)
Rate this article
    Attached Files
    There are no attachments for this article.