If you lost your Cyclos 4 admin password you may be in troubles. To recover (by reset) access to your Cyclos 4 administration panel follow the tutorial.
The instructions that can be found in the Net refer to Cyclos 3 and they will not work with Cyclos 4 that has been rewritten quite substantially. Here are steps for Cyclos 4.1 and above:
Login to your account via SSH and go to Cyclos directory (usually
webapps/ROOTorwebapps/cyclosin your Tomcat’s directory tree defined with$CATALINA_HOME)Get your Cyclos database credentials (example). You will need them to make changes to the database
grep -E 'datasource.(jdbc|user|pass)' WEB-INF/classes/cyclos.properties
cyclos.datasource.jdbcUrl = jdbc:postgresql://localhost/cyclos4_cyclosdb
cyclos.datasource.user = cyclos4_cyclosdbuser
cyclos.datasource.password = secret- Get your admin user’s salt from the database
echo "select user_id, u.username, p.salt, p.status from passwords p, users u where u.id=p.user_id and u.username = 'admin'" | psql -U cyclos4_cyclosu -d cyclos4_cyclos
Password for user cyclos4_cyclosu:
user_id | username | salt | status
---------+----------+----------------------------------+--------
1 | admin | gCimTuCV1Fw7J2AsefoXDRfMy47vxzAB | ACTIVE
(1 row)- Save and compile hash generator - we will use it to compute hash for our new password
cat > GenerateCyclos4PasswordHash.java <<EOF
import org.cyclos.impl.utils.HashHelper;
public class GenerateCyclos4PasswordHash {
public static void main(String[] args) {
if (args.length < 2) {
System.err.println("2 parameters required: existing_salt and new_password");
System.exit(1);
} else {
String h = HashHelper.hash(args[0], args[1]);
System.out.println("You may now set the new password by accessing your Cyclos 4 (PostgreSQL) database and running:");
System.out.println("update passwords set value = '"+h+"' where username='admin' and status='ACTIVE';");
}
}
}
EOF
javac -classpath WEB-INF/lib/cyclos-impl.jar GenerateCyclos4PasswordHash.java This will create class file in current directory.
- Run the hash generator prviding existing admin salt and new admin password as parameters
java -classpath WEB-INF/lib/cyclos-impl.jar:. GenerateCyclos4PasswordHash gCimTuCV1Fw7J2AsefoXDRfMy47vxzAB newsecretYou may now set the new password by running below command against your Cyclos 4 (PostgreSQL) database (use the value produced by the generator):
echo "update passwords set value = '5F89C071A59DBAC17AA59F49D9473226947D900491B48DD57B18E2B37EBD0101' where username='admin' and status='ACTIVE';" | psql -U cyclos4_cyclosu -d cyclos4_cyclosYou should now be able to login as admin with new secret password.
Note for older Cyclos versions like 4.0.1
1) The jar may be called cyclos-impl-4.0.1.jar - use proper jar name in javac and java calls
2) The HashHelper class is named i and the hash function is named e so in the Java code use:
import org.cyclos.impl.utils.i;
String h = i.e(args[0], args[1]);Newer cyclos versions like 4.6.x do not use salt field and use bcrypt hashing so you can generate a hash with:
htpasswd -nbBC 10 "" ToPsEcReT | cut -d: -f2 | head -1Then run SQL:
update passwords p, users u set p.value ='$2y$10$MFvEpMhO3m3dMQJbi2fkFez4NnqXfq6gscL9jeH68b5CEzqns3O4C' where u.username = 'admin and u.user_id = p.id;
