Lost username and password for logging into Security Onion Web interface ..
3,936 views
Skip to first unread message
John Dworske
Jul 8, 2014, 4:06:24 PM7/8/14
to securit...@googlegroups.com
SO Team,
I have forgotten the password for the SO web interface login.
How can I go about resetting this ?
Thank you,
John Dworske
Confidentiality Notice and Disclaimer: The information contained in this e-mail and any attachments, is not transmitted by secure means and may also be legally privileged and confidential. If you are not an intended recipient, you are hereby notified that any dissemination, distribution, or copying of this e-mail is strictly prohibited. If you have received this e-mail in error, please notify the sender and permanently delete the e-mail and any attachments immediately. You should not retain, copy or use this e-mail or any attachment for any purpose, nor disclose all or any part of the contents to any other person. MyVest Corporation, MyVest Advisors and their affiliates accept no responsibility for any unauthorized access and/or alteration or dissemination of this communication nor for any consequence based on or arising out of the use of information that may have been illegitimately accessed or altered.
Doug Burks
Jul 8, 2014, 4:13:43 PM7/8/14
to securit...@googlegroups.com
Hi John,
Which web interface are you referring to? Snorby or Sguil/Squert/ELSA?
For Snorby, please see:
https://code.google.com/p/security-onion/wiki/FAQ#I've_forgotten_my_Snorby_password.__How_do_I_reset_it?
For Sguil/Squert/ELSA, please run the following command:
sudo /usr/sbin/nsm_server_user-passwd
> --
> You received this message because you are subscribed to the Google Groups
> "security-onion" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to security-onio...@googlegroups.com.
> To post to this group, send email to securit...@googlegroups.com.
> Visit this group at http://groups.google.com/group/security-onion.
> For more options, visit https://groups.google.com/d/optout.
--
Doug Burks
http://securityonionsolutions.com
Which web interface are you referring to? Snorby or Sguil/Squert/ELSA?
For Snorby, please see:
https://code.google.com/p/security-onion/wiki/FAQ#I've_forgotten_my_Snorby_password.__How_do_I_reset_it?
For Sguil/Squert/ELSA, please run the following command:
sudo /usr/sbin/nsm_server_user-passwd
> You received this message because you are subscribed to the Google Groups
> "security-onion" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to security-onio...@googlegroups.com.
> To post to this group, send email to securit...@googlegroups.com.
> Visit this group at http://groups.google.com/group/security-onion.
> For more options, visit https://groups.google.com/d/optout.
--
Doug Burks
http://securityonionsolutions.com
John Dworske
Jul 8, 2014, 5:00:20 PM7/8/14
to securit...@googlegroups.com
Doug,
OK yeah so snorby is what I am trying to log into:
root@hq-ids-01:/opt/snorby# sudo RAILS_ENV=production bundle exec rails c
Jammit Warning: Asset compression disabled -- Java unavailable.
No time_zone specified in snorby_config.yml; detected time_zone: Zulu
Loading production environment (Rails 3.1.12)
irb(main):001:0> u = User.find_by_email("jdwo...@gmail.com")
=> #<User @email="jdwo...@gmail.com" @encrypted_password="$2a$10$SGXk0J/sHxesXCma.azbDODghEI93qUvPJnQZsVM4k9804l0WenWi" @remember_token="VAixc4NpsKYjSqK4vghZ" @remember_created_at=Fri, 27 Jun 2014 00:05:15 +0000 @reset_password_token=nil @sign_in_count=10 @current_sign_in_at=Fri, 27 Jun 2014 00:05:15 +0000 @last_sign_in_at=Thu, 08 May 2014 21:59:52 UTC +00:00 @current_sign_in_ip="192.168.0.129" @last_sign_in_ip="192.168.0.129" @favorites_count=0 @accept_notes=1 @notes_count=0 @id=3 @per_page_count=45 @name=<not loaded> @timezone=<not loaded> @admin=true @enabled=true @gravatar=true @created_at=Thu, 17 Apr 2014 00:06:12 UTC +00:00 @updated_at=Thu, 17 Apr 2014 15:46:41 UTC +00:00 @online=false @last_daily_report_at=Tue, 08 Jul 2014 00:00:00 UTC +00:00 @last_weekly_report_at=201427 @last_monthly_report_at=201407 @last_email_report_at=Thu, 17 Apr 2014 15:30:00 UTC +00:00 @email_reports=false>
irb(main):002:0> u.password="snowboarder"
=> "snowboarder"
irb(main):003:0> u.password_confirmation="snowboarder"
=> "snowboarder"
irb(main):004:0> u.save
=> true
irb(main):005:0> quit
Can you see any issues here ?
I tried the procedure with 2 different emails and still can't log in.
I restarted apache2 after the update.
any ideas ?
John
John Dworske
Jul 8, 2014, 5:29:17 PM7/8/14
to securit...@googlegroups.com
Doug,
Where would I find the logs for accessing this web page ?
After changing the password I am still not able to login.
John
Doug Burks
Jul 9, 2014, 7:06:00 AM7/9/14
to securit...@googlegroups.com
I just duplicated your steps and it worked for me. You shouldn't need
to restart apache2.
Are you sure you're trying to login to Snorby?
https://SecurityOnion:444
Are you sure you're entering your email address properly?
jdwo...@gmail.com
Are you sure you're entering your password properly?
snowboarder
What exactly is the error message that Snorby gives you?
to restart apache2.
Are you sure you're trying to login to Snorby?
https://SecurityOnion:444
Are you sure you're entering your email address properly?
jdwo...@gmail.com
Are you sure you're entering your password properly?
snowboarder
What exactly is the error message that Snorby gives you?
John Dworske
Jul 9, 2014, 12:34:19 PM7/9/14
to securit...@googlegroups.com
Doug,
Thanks for the reply. We are all good. I was not using the correct port in the URL.
John
Reply all
Reply to author
Forward
0 new messages