Password Reset Simply Does. Not. Work.

I inherited a Sophos UTM software based firewall running on an old ESXi 5.5 box. It boots up and shows 9.3 as the version but in GRUB it shows 9.4 so I have no idea what this thing is actually running.

The customer does not have any passwords for any of the logins. I have tried the password reset procedure of using GRUB bootloader to boot into the limited bash shell. I've reset the password for both loginuser and root at least 30 times now. It never works.

What am I doing wrong? I've done this type of process on other *nix boxes many many times in the past and never had and issue like this.

  • Might be best to just completely reinstall it using the software appliance ISO, and get your home use license from Sophos MyUTM Licensing Portal

    UTM - 9.706 | Intel i3-4150 4th Gen Processor
    16GB Memory | 500GB SATA HDD | GB Ethernet x5

  • I assume I'd lose the current config and everything if I did that?

  • There should be a command line:

    Locked out - How to regain all logins
    1) Shutdown the firewall and connect a screen and a keyboard to the firewall
    2) Power on the firewall, wait until the GRUB-loader starts and press ‘ESC’
    3) Select ‘Astaro Security Gateway
    4) Press ‘e’ to edit and select the 2nd entry
    5) Press ‘e’ once again and enter ‘init=/bin/bash’
    6) Press ‘ENTER’ and ‘b’ to boot up
    7) Now you are able to change the passwords for ‘loginuser’ and ‘root’
    8) After that press CTRL + ALT + DEL to reboot the system and wait until you get the login prompt

  • Hi Goldy,

    Thanks for the help. That is almost exactly what I'm doing other than this is a software based firewall on an ESXi box. The process is almost the same though with the only difference being I connect via the ESXi virtual console and not with a physical keyboard and monitor.

    The problem is that it shows success changing the password every time but when the UTM reboots, the changed passwords do not work.

  • Hi Ken and welcome to the UTM Community!

    If this is a paid license, you should open a case with Sophos Support.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • Bob, I would love to do that. Unfortunately I have no idea what the serial number would be since it's a software firewall I cannot get into. Of course the customer has no paperwork on it anywhere and the person that sold them this solution is MIA.

  • Yes you would, but generally someone inheriting something like this wouldn't ever use the configuration and potentially leaves you open to vulnerabilities that you didn't realize were there. 

    Just my $.02, but if I was lucky enough to gain something like this for my personal use, the first thing I'd do would be to blow it away and start from scratch - and not lose an ounce of sleep over doing that.  Slight smile

    UTM - 9.706 | Intel i3-4150 4th Gen Processor
    16GB Memory | 500GB SATA HDD | GB Ethernet x5

  • The key is the License ID, Ken.  I know how to get it if one is logged in as root, but not how to get it in your situation, so I've asked one of the Sophos engineers that participates here to look at this thread.  If we can get a Support Case open, they can access the unit via a PC at the site using LogmeInRescue.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • Hello Ken,

    Thank you for contacting the Sophos Community.

    While you’re doing the password reset can you use the following passwords:

    Login User =1986actk. 

    Password Root = 1986actK.

    exec /sbint/init

    Try with those passwords, let me know if you have any luck.

    Also when you do the password reset try accessing the GUI as soon as you can, less than 30 seconds if possible after you run the exec /sbin/init

    I have asked internally if there’s a way to get the licensing information from the backend.

    What is the name of your client, I could check for you if there’s some information about it on the support ticket system.

    Regards,


     
    Emmanuel (EmmoSophos)
    Community Support Engineer | Sophos Technical Support
    Sophos Support VideosProduct Documentation  |  @SophosSupport  | Sign up for SMS Alerts
    If a post solves your question use the 'Verify Answer' link.