search

TechnitiumSoftware / DnsServer

Technitium DNS Server
https://technitium.com/dns/
GNU General Public License v3.0
4.25k stars 418 forks source link

Changing the default password for Technitium DNS on a headless server #98

Closed Chewie9999 closed 4 years ago

Chewie9999 commented 4 years ago

Thank you for writing this program, it looks very useful.

I have installed it on a VM that does not have any windowing system.

I have installed elinks so that I can get to the GUI and then reset the admin password so I can connect remotely, but either it needs some graphical element that elinks 0.12pre6 can't cope with, or there is another problem. In the section near the bottom of the page (in elinks), that has a username box (read only), and a "new password" and "confirm password" text box, when I enter a password and click "Save", nothing happens.

When I try and log in remotely using admin / admin, it says "invalid username or password", which I assume is a security measure.

How can I change the security to either allow a log in remotely with admin/admin, or can I change the password via the command line?

I can see a username in the /etc/dns/config/dns.config file, but I have no idea how it is hashed, and my programming skills aren't good enough yet to figure it out myself

Thank you!

ShreyasZare commented 4 years ago

Thanks for the feedback. Due to the magic of modern JavaScript, the DNS Server's web console GUI works only with Chrome, Firefox and Edge. Any other web browser will fail to work with it.

The GUI does auto login attempt when page loads using default "admin" password and will prompt for password change when the login succeeds.

It seems that you probably were able to change the password but didn't get success message due to JavaScript issues in elinks which is why when you try to login with default password didn't work.

I would suggest that you use the password recovery method to reset the password to default and then use any of the three browsers listed above to change the password and do the configuration.

Do post here if it worked.

Chewie9999 commented 4 years ago

Hi Shreyas, Sorry for the delay, I have been away from the location where I was trying to run the software. No, it definitely didn't change the password, and using the password recovery didn't help. I had to wait until I got back to my server and then used an SSH tunnel to forward the port to a machine with a graphical interface, and then I was presented with the proper change password screen in firefox, and changing the password worked.

In future, if I hit this problem again, is there any way of changing the password by editing /etc/dns/config/dns.config or another method without having do do it via the GUI?

ShreyasZare commented 4 years ago

Thanks for the details. Good to know that you were able to use Firefox with ssh tunnel and use the web console.

The DNS Server config file is in binary format and password is hashed and thus it wont be practical edit it manually. The server provides HTTP API which the web console javascript uses to do actions. You could see the calls in Firefox developer tools, copy those HTTP request and make same requests using curl over shell to get it done.

Chewie9999 commented 4 years ago

Ok, thanks for for the comment!