We had an employee setup in our HipChat Self Hosted Server and we did not have the Guest Console admin password.
We tried the default and that did not work. We have scoured Google and have yet to find any documentation Atlassian or anywhere else.
What do you mean by the guest console?
If you're talking about the server administrator's password, you can reset that by SSHing into the server, and then run the following command:
hipchat service --reset-owner=EMAIL
If you're talking about access to the admin console itself, you could get access by injecting your public SSH key into /home/admin/.ssh/authorized_keys. On AWS this can be done via a user-data script, or by detaching the EBS volume, updating the SSH key, and attaching it to the instance again. On VSphere this can be done through the vifs command.
Related
I recently purchased a VPS with amazon lightsail and I installed cyberpanel. As I am setting up my websites and email server I realized that I was not able to send out emails but can receive them just fine. I later found out that amazon blocks the ports on EC2 instances. So in order to use a work around I have to attach my SMTP server from AWS SES into the SMTP settings in the admin dashboard of the SnappyMail webmail dashboard. But In order to log in as admin to access it I need a password that I dont have. Since I installed cyberpanel on this Ubuntu 20.04 instance I was hoping that it would be a command line that I can type in to see what the current password is or maybe even reset or change it. Please help me
I tried to look it up on youtube but I kept getting videos that referred to rainloop. And all though it looks the same they are different softwares and I cant access it the way that I was shown in the 2 videos that I found
Run nano /usr/local/lscp/cyberpanel/rainloop/data/_data_/_default_/admin_password.txt
you will find the Password of snappymail
then (Ctrl+X) to exit NANO edit
One of my EC2 instances was hacked a few days ago.
I tried logging in via SSH to the server, but I couldn't connect. I am the only one with access to the private key, and I keep it in a safe place.
Luckily, I had a backup of everything and was able to move the web app to a new instance quite fast.
My concern right now is that I don't know how my instance was hacked in the first place.
Why can't I log in via SSH using my private key? I would assume that the private key stored on the server can't be (easily) deleted.
Is there a way I can find out how the hacker gained access to the instance? Perhaps a log file that would point me in the right direction.
Should I attach the EBS volume in question to a new instance and see what's on it or what are my options in this case?
Right now, it seems I have to access at all to the hacked instance.
Thank you!
#Krishna Kumar R is correct about the hacker probably changing the ssh keys.
Next steps:
Security concerns (do these now!):
Stop the instance, but don't terminate yet
Revoke/expire any sensitive credentials that were stored on the instance, including passwords and keys for other sites and services. Everything stored on that instance should be considered compromised.
Post-mortem
Take an EBS snapshot of the instance's root volume (assuming that's where logs are stored)
Make a new volume from the snapshot and attach to a (non-production) instance
Mount and start reading logs. If this is a linux host and you have port 22 open in the firewall, I'd start with /<mount-point>/var/log/auth.log
They might have logged into your machine via password. In ssh config, check the value of: PasswordAuthentication. If it is set to yes, then users can login to the instance remotely via password. Check /var/log/secure for any remote logins. It will show up all logins (password or key based).
If someone logged in as 'root', they can modify the ssh keys.
The fact that you are unable to login to the machine does not mean that it has been "hacked". It could be due to a configuration change on the instance, or the instance might have changed IP address after a stop/start.
Do a search on StackOverflow for standard solutions to problems connecting to an instance and see if you can connect (eg recheck IP address, check security group, turn on ssh -v debugging, check network connectivity & VPC settings, view Get System Log, etc).
Worst case, yes, you could:
Stop the instance
Detach the EBS volume
Attach the EBS volume to another EC2 instance
Access the content of the EBS volume
I have Apache server running on Centos5.4 Ec2 instance. Unfortunately while removing Bash from Centos, it also removed basic shared libraries.
Now afterward I can't SSH to that EC2 instance but Apache server is still running (I can access my site through URL).
Any idea how can I get the SSH access back? or can repair Centos Ec2 instance?
Thanks!
You can always contact the AWS support directly. They are very accommodating. send a message to them and they will recover your access, if it is doable from their end.
You may call, or you may send a message from your AWS account.
I want to login to the instance i created on Amazon Web Services. I get the following error.
login as: root
Server refused our key
Using keyboard-interactive authentication.
Password:
I dont know what to enter as Password. I have given the privatekey created from PuttyGen.
The username of Amazon AMI is difference depend on the AMI creator,
for Amazon AMI , user ec2-user
for Ubuntu AMI , user ubuntu
You may search from the ami-id to see what is the default username of that AMI. Please ensure that this key you use is the private key for the public key which you put to key-binding when you created the instance.
Try logging in as ec2-user. On the instances I have tried root login was disabled by default.
The created SSH key was wrong. The key happends to be SSH 1. not SSH2. For me it worked for root.
I created an instance of ubuntu ec2 yesterday and I was trying to configure it and I stopped the serer before going home last night, when I tried log on to the same instance using ssh from my ubuntu I am getting an error which says connection timed out. I am not able to login to the instance now
If you stopped the instance, and the instance was ebs-backed then you should be able to start it using the ec2 api.
Describe the instance using the ec2-describe-instances/instance-attributes api and use ec2-run-instance start it. Once started, use the above api to retrieve the public dns name.
Using this you should be able to login to that same machine again.
if you have terminated an instance-store based virtual machine, then you can kiss it goodbye.