27 Oct
2021
27 Oct
'21
1:43 p.m.
If for some reason PAM authentication is not working on a system where
CipherMail is installed using the deb or RPMS, you can add a default
admin by executing some SQL queries
For MySQL/MariaDB:
Login to the database (default password is: djigzo):
mysql -u djigzo -h 127.0.0.1 -p djigzo
The following SQL queries will insert an admin account with
username: admin
password: admin
insert into cm_admin (cm_built_in, cm_enabled, cm_password,
cm_password_encoding, cm_salt, cm_username) values (false, true,
'admin', 0, '', 'admin');
insert into cm_admin_cm_authorities (cm_admin, cm_authorities) values
((select cm_id from cm_admin where cm_username='admin'), (select cm_id
from cm_authority where cm_role='ROLE_LOGIN'));
insert into cm_admin_cm_authorities (cm_admin, cm_authorities) values
((select cm_id from cm_admin where cm_username='admin'), (select cm_id
from cm_authority where cm_role='ROLE_ADMIN'));
For PostgreSQL, change the names of the tables/columns
Kind regards,
Martijn Brinkers
On Wed, 2021-10-27 at 11:51 +0200, Martijn Brinkers via Users wrote:
On Tue, 2021-10-26 at 06:24 +0000, birger.kraegelin---
via Users
wrote:
--
CipherMail email encryption
Email encryption with support for S/MIME,
OpenPGP, PDF Messenger and Webmail Messenger
I installed a brand new CipherMail 5.0.4 VM from
OVA.
Console login works, configuring network works, looking around in
bash looks quite good.
When accessing https:/<<my-ip-address>> and logging in with admin
and
default PW, I get a "Login failed".
In /var/log/ciphermail-gateway-backend.log I see error mesages
(shortened):
INFO Application {
http://ws.djigzo.com}PAM#{http://ws.djigzo.application.mitm/}authenticate
has thrown exception
WARN [Admin Login] Authentication failure: Bad credentials,
Source:
--- Principal: admin; Credentials: [PROTECTED]; Authenticated:
false; --- Not granted any authorities
I already did a reset of the admin passwd according to "Forgot GUI
admin password" foind in documentation.
Where is my mistake? How can I access the admin pages?
Unfortunately this is a regression :(
When you apply on the admin page, PAM auth will be disabled :(
You can re-enable PAM from the command line
Enable PAM:
java -cp "/usr/share/djigzo/lib/*" \
mitm.application.djigzo.tools.CLITool \
--global --set-property pam.enabled \
--value true
Read PAM enabled status:
java -cp "/usr/share/djigzo/lib/*" \
mitm.application.djigzo.tools.CLITool \
--global --get-property pam.enabled
This will be fixed on the upcoming release.
Kind regards,
Martijn Brinkers