I inherited a Sophos UTM software based firewall running on an old ESXi 5.5 box. It boots up and shows 9.3 as the version but in GRUB it shows 9.4 so I have no idea what this thing is actually running.
The customer does not have any passwords for any of the logins. I have tried the password reset procedure of using GRUB bootloader to boot into the limited bash shell. I've reset the password for both loginuser and root at least 30 times now. It never works.
What am I doing wrong? I've done this type of process on other *nix boxes many many times in the past and never had and issue like this.
Might be best to just completely reinstall it using the software appliance ISO, and get your home use license from Sophos MyUTM Licensing Portal
UTM - 9.706 | Intel i3-4150 4th Gen Processor 16GB Memory | 500GB SATA HDD | GB Ethernet x5
I assume I'd lose the current config and everything if I did that?
There should be a command line:Locked out - How to regain all logins1) Shutdown the firewall and connect a screen and a keyboard to the firewall2) Power on the firewall, wait until the GRUB-loader starts and press ‘ESC’3) Select ‘Astaro Security Gateway4) Press ‘e’ to edit and select the 2nd entry5) Press ‘e’ once again and enter ‘init=/bin/bash’6) Press ‘ENTER’ and ‘b’ to boot up7) Now you are able to change the passwords for ‘loginuser’ and ‘root’8) After that press CTRL + ALT + DEL to reboot the system and wait until you get the login prompt
Thanks for the help. That is almost exactly what I'm doing other than this is a software based firewall on an ESXi box. The process is almost the same though with the only difference being I connect via the ESXi virtual console and not with a physical keyboard and monitor.
The problem is that it shows success changing the password every time but when the UTM reboots, the changed passwords do not work.
Hi Ken and welcome to the UTM Community!
If this is a paid license, you should open a case with Sophos Support.
Cheers - Bob
Bob, I would love to do that. Unfortunately I have no idea what the serial number would be since it's a software firewall I cannot get into. Of course the customer has no paperwork on it anywhere and the person that sold them this solution is MIA.
Yes you would, but generally someone inheriting something like this wouldn't ever use the configuration and potentially leaves you open to vulnerabilities that you didn't realize were there.
Just my $.02, but if I was lucky enough to gain something like this for my personal use, the first thing I'd do would be to blow it away and start from scratch - and not lose an ounce of sleep over doing that.
trying to find device serial number via the shell since it's not in the GUI - Hardware, Installation, Up2Date, Licensing - UTM Firewall - Sophos Community
The key is the License ID, Ken. I know how to get it if one is logged in as root, but not how to get it in your situation, so I've asked one of the Sophos engineers that participates here to look at this thread. If we can get a Support Case open, they can access the unit via a PC at the site using LogmeInRescue.
Thank you for contacting the Sophos Community.
While you’re doing the password reset can you use the following passwords:
Login User =1986actk.
Password Root = 1986actK.
Try with those passwords, let me know if you have any luck.
Also when you do the password reset try accessing the GUI as soon as you can, less than 30 seconds if possible after you run the exec /sbin/init
I have asked internally if there’s a way to get the licensing information from the backend.
What is the name of your client, I could check for you if there’s some information about it on the support ticket system.