March 28 2016

CentOS 7 | Reset Root Password | Grub Method

Imagine your administrator is fired or quits and takes the server’s root password with him, and you need access to the server right now. Fortunately, Linux makes the process incredibly easy since you have local access, at least in the eyes of the Linux OS. All this method requires is the ability to manipulate GRUB, so if you have a way of seeing the GRUB menu and working with it, then this method is for you.

Let’s Get Started

  1. Reboot the server and get to the Grub Menu
  2. Go to the line that says “linux16”.
    1. There’s going to be a few more lines compared to CentOS 6’s method, just scroll slowly, it’s there.
  3. Using the Right arrow, go into the “linux16” line and find the word “ro”.
    1. This tells the server to boot read-only. The server boots that way, and then upon login/mounting you get read/write access. We want to bypass that.
  4. Change “ro” to “rw” and follow it up with “init=/sysroot/bin/sh”
    1. “ro” becomes “rw init=/sysroot/bin/sh”
  5. Press Ctrl-X to boot with this configuration
    1. Note that this doesn’t save the configuration, just lets you boot into it for this Session
  6. Now you should have Root access, type the “passwd” command to change the password.
  7. Reboot the server and use your new password to login.

This method is great for 1&1’s Dedicated Servers using the Serial Console, 1&1’s Cloud Servers using the KVM/VNC console, and DigitalOcean’s KVM console. As long as you can see GRUB, you can change the root password.

March 28 2016

CentOS 6 | Root Password Reset (GRUB Method)

Imagine your administrator is fired or quits and takes the server’s root password with him, and you need access to the server right now. Fortunately, Linux makes the process incredibly easy since you have local access, at least in the eyes of the Linux OS. All this method requires is the ability to manipulate GRUB, so if you have a way of seeing the GRUB menu and working with it, then this method is for you.

Let’s get started:

  1. Boot to the grub menu
  2. At the Grub menu press ‘e’ for edit.
  3. You should see 3 lines, scroll to the kernel line
  4. Using the Right Arrow, scroll to the end of that line
  5. Type the number “1” at the end and then hit “Enter”
  6. Now you’re looking at the 3 lines again, hit ‘B’ to boot with this configuration
    1. Note: This is not saving the configuration, just booting you into Single User Mode for this session.
  7. You should now be booted into Single User Mode with Root access. Change the password with the “passwd” command
    1. # passwd
  8. Reboot the server with the “reboot” command

This method is great for 1&1’s Dedicated Servers using the Serial Console, 1&1’s Cloud Servers using the KVM/VNC console, and DigitalOcean’s KVM console. As long as you can see GRUB, you can change the root password.
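
Both GRUB walkthroughs above (CentOS 7 and CentOS 6) work only while the boot menu can be edited without a password. The following check is an added example, not part of the original posts: it reports whether a GRUB2 or GRUB legacy configuration asks for a password before an entry can be edited. The BIOS-boot paths and the function names are assumptions of the example.

```shell
#!/bin/sh
# Added example: does this host's GRUB ask for a password before 'e' (edit)?
# Assumed paths (BIOS boot): /boot/grub2/{grub.cfg,user.cfg} on CentOS 7,
# /boot/grub/grub.conf on CentOS 6. UEFI installs keep them elsewhere.

# GRUB2: editing is restricted only when a superuser AND a real password exist.
grub2_protected() {
    dir=$1
    [ -f "$dir/grub.cfg" ] || return 1
    # Case 1: grub2-setpassword wrote the hash to user.cfg and grub.cfg loads it.
    if [ -f "$dir/user.cfg" ] &&
       grep -Eq '^GRUB2_PASSWORD=grub\.pbkdf2\.' "$dir/user.cfg" &&
       grep -q 'user\.cfg' "$dir/grub.cfg"; then
        return 0
    fi
    # Case 2: superusers plus a password line carrying a literal value.
    # A line such as "password_pbkdf2 root ${GRUB2_PASSWORD}" is only a
    # template and is skipped because its last field starts with '$'.
    grep -Eq '^[[:space:]]*set[[:space:]]+superusers=' "$dir/grub.cfg" || return 1
    grep -Eq '^[[:space:]]*password(_pbkdf2)?[[:space:]]+[^[:space:]$]+[[:space:]]+[^[:space:]$]' \
        "$dir/grub.cfg"
}

# GRUB legacy: only a "password" line before the first "title" locks editing;
# a password line inside a title entry merely locks that one entry.
grub_legacy_protected() {
    [ -f "$1" ] || return 1
    awk '
        /^[ \t]*title([ \t]|$)/        { exit }
        /^[ \t]*password[ \t=]+[^ \t]/ { found = 1; exit }
        END { exit (found ? 0 : 1) }
    ' "$1"
}

# audit_grub [ROOT]: ROOT is a path prefix ("" for the running system).
# Returns 0 when editing is password protected, 1 when not, 2 if no config.
audit_grub() {
    root=${1:-}
    if [ -f "$root/boot/grub2/grub.cfg" ]; then
        if grub2_protected "$root/boot/grub2"; then
            echo "GRUB2: editing an entry requires the superuser password"
        else
            echo "GRUB2: anyone at the console can edit the linux16 line"
            return 1
        fi
    elif [ -f "$root/boot/grub/grub.conf" ]; then
        if grub_legacy_protected "$root/boot/grub/grub.conf"; then
            echo "GRUB legacy: 'e' is locked behind the global password"
        else
            echo "GRUB legacy: anyone at the console can edit the kernel line"
            return 1
        fi
    else
        echo "no GRUB configuration found under ${root:-/}" >&2
        return 2
    fi
}

# Usage: sh grub_audit.sh --check [ROOT]
if [ "${1:-}" = "--check" ]; then audit_grub "${2:-}"; fi
```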

March 20 2016

SSH Keys with 1and1 Cloud Servers

1&1 has updated their NGCS (New Gen Cloud Server) platform to include the ability to have your public SSH key added to the server upon creation. SSH keys give you a secure public/private key solution that is much safer than using passwords. Unfortunately, you’ll still have to do a few security tasks, such as disabling password logins, changing ports, and disabling root login altogether, for a nice and secure system, but for now this is a pleasant addition!

 

[Screenshot: 1&1 Cloud Panel]

Create your public key using PuttyGen, then simply paste the contents of the public key into “SSH Key”. After the server is complete, you can use Pageant from the same Putty creator, or, if your SSH client (like MobaXterm) allows it, load the private key and then connect to your server.
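
The follow-up tasks named above (password logins off, root login off, a port other than 22) can be checked against the server's sshd_config. This is an added example, not part of the original post; the function names are its own, and it reads only the global section of the file.

```shell
#!/bin/sh
# Added example: check an sshd_config for the three follow-up tasks the post
# names. Match blocks and ListenAddress host:port entries are not evaluated.

# sshd_option FILE KEYWORD -> lowercased value, empty when unset.
# In sshd_config the first occurrence of a keyword wins, keywords are
# case-insensitive, and both "Key value" and "Key=value" are accepted.
sshd_option() {
    awk -F'[ \t=]+' -v want="$(printf %s "$2" | tr 'A-Z' 'a-z')" '
        { sub(/^[ \t]+/, "") }
        /^(#|$)/ { next }
        tolower($1) == "match" { exit }
        tolower($1) == want { print tolower($2); exit }
    ' "$1"
}

# sshd_ports FILE -> every Port line (the keyword may repeat), or the
# default 22 when none is set. Values are space separated.
sshd_ports() {
    awk -F'[ \t=]+' '
        { sub(/^[ \t]+/, "") }
        /^(#|$)/ { next }
        tolower($1) == "match" { exit }
        tolower($1) == "port" { printf "%s ", $2; seen = 1 }
        END { if (!seen) printf "22 " }
    ' "$1"
}

# audit_sshd_config FILE -> one FAIL line per open task; returns 0 when all
# three tasks are done, 1 otherwise.
audit_sshd_config() {
    file=$1
    findings=0
    pw=$(sshd_option "$file" PasswordAuthentication)
    rootlogin=$(sshd_option "$file" PermitRootLogin)
    ports=$(sshd_ports "$file")

    # An unset PasswordAuthentication means the default, which is "yes".
    if [ "${pw:-yes}" != "no" ]; then
        echo "FAIL password logins enabled (PasswordAuthentication ${pw:-unset})"
        findings=$((findings + 1))
    fi
    # The default for PermitRootLogin differs between OpenSSH versions, so an
    # unset value is reported; key-only modes are not "disabled altogether".
    if [ "${rootlogin:-unset}" != "no" ]; then
        echo "FAIL root login not disabled (PermitRootLogin ${rootlogin:-unset})"
        findings=$((findings + 1))
    fi
    case " $ports " in
        *" 22 "*)
            echo "FAIL sshd still listens on port 22"
            findings=$((findings + 1))
            ;;
    esac
    [ "$findings" -eq 0 ]
}

# Usage: sh sshd_audit.sh /etc/ssh/sshd_config
if [ $# -ge 1 ]; then audit_sshd_config "$1"; fi
```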

February 16 2016

Install PHPMyAdmin on 1and1’s Managed Server

1&1 already offers PHPMyAdmin for use from the Control Panel, but the problem can be that if you have a small team, you’d have to give them access to your Control Panel. This may not be too big of a problem if you’re a small enough team, but it’s a larger problem if your business involves reselling 1and1’s Managed Services with you being the Customer and your clients just being the people with content on the servers. Fortunately, the setup isn’t too hard to do and has been covered in a related blog at Server Tuts.

Instead of rewriting (recreating) the wheel, I’m going to just give you the main offering of the post.

  1. Download the PHPMyAdmin script
  2. Upload and unzip it to a folder in your webspace, preferably someplace not accessible without a direct domain purposefully set for it. Like a subdomain!
  3. Edit and hardcode your MySQL credentials into the config.inc.php file. (YOU’RE HARDCODING YOUR DATABASE CREDENTIALS!)
  4. Create an .htaccess file to block access without a password to this directory (IMPORTANT BECAUSE YOU HARDCODED YOUR DATABASE CREDENTIALS!)
  5. Provide your users the location and credentials to access PHPMyAdmin.

See, really that simple. You can read at ServerTuts if you want anything more in-depth. Let me know if there are any issues you have with the guide and I’ll update.

February 15 2016

Windows Commandline via SerialConsole [1and1]

One thing that most 1&1 Dedicated Server customers seem to miss is the usefulness of the Serial Console. Sure, it’s not a KVM access point, you’re not going to get a GUI image like the VNC console that runs on the Dells, or even the level of control that the Cloud Servers give you, but it’s still quite useful. When you’ve completely botched your network, whether via the firewall or a misconfiguration of the network, sometimes you absolutely need to get into a good ol’ command line. All you need is Putty: open a connection to your “Sercon” at “sercon.onlinehome-server.com” and enter your credentials.

From there, you can do everything from:
-Killing Processes
-View running processes
-Get Network info
-Reboot/Crashdump the server
-And our topic: Initiate CommandPrompt

You can read the 1&1 Help Article for more information on the serial console here: http://help.1and1.com/servers-c37684/dedicated-server-windows-c39510/rescue-and-recovery-c76208/use-the-serial-console-with-a-windows-server-a627376.html

The main talking point is that when you’re at the “SAC>” prompt, one of the commands you can issue is “cmd”. If the server is running without issues, then “cmd” initiates a Command Prompt connection. All you have to do is CHange ScreeNs to the newly created screen CMD0001 with “ch -sn CMD0001”. After that, it’ll ask you for login information; if this is an AD server, you can enter the domain information here too. Once you’re in, you’ll see your “SAC>” prompt transform into the standard “C:\Windows\System32>” prompt, ready for your connections. One common thing to do would be to disable the firewall.

December 21 2015

Reset Windows Password on 1&1 Dedicated Servers

Based off of https://diyserver.guide/reset-windows-password-on-1and1s-cloud-server/

MobaRDP confirmed working with WinServer 2008 + 2008r2. Did not work in tests on 2012.

So previously I talked about resetting the Windows Password with 1and1’s Cloud Servers, both new and old, but dealing with the Dedicated Servers throws in a small difficulty: No KVM/VNC Console unless you’re a $300+ Dell server.

Fortunately, the process is almost as simple, and holds much the same idea as before. We’re still going to be renaming cmd.exe to Utilman, we’re still going to have to get onto the Login screen, essentially the whole thing is there except for how we get to the Login Screen. To proceed, we need to exploit a security setting that is in place to protect your server.

Background

Windows Server by default doesn’t allow you to set a Blank password. Think about how dangerous that would be, if a user account, not even an Admin, had access to your Windows Server without any means of protection. A hacker may not have access rights to files, but surely he can see and possibly read documents, maybe execute applications like MSSQL, save and dump some of your site files or protected documents. Fortunately Remote Desktop doesn’t allow a connection to even present itself, nor does it give a mention as to why. But there’s an application that does allow a connection to attempt to be made, brings you to the Login Page, and then lets Windows tell you you’re not allowed to log in. It then even gives you the option of “Reset password” if a reset option has been made available, and, you guessed it, lets you press the “Ease of Access” button. This little gem is also my favorite alternative to Putty, as I discussed in the “Admin Tools” section: https://diyserver.guide/mobaxterm-instead-of-putty/

MobaXterm http://mobaxterm.mobatek.net , get it and never turn back to the old ways again!

Since this exploit requires a Blank Password to produce the error we need, we’ll need a program called “chntpw”, which is available on Debian operating systems by simply executing “apt-get install chntpw”. It’s unconfirmed whether the 1and1 Dedicated Server’s Linux Rescue has chntpw (the old Cloud Server’s Rescue does), so I’ve also included an optional requirement to fulfill this need.

Requirements

  • Linux Rescue Mode
  • MobaXterm
  • (optional in case Rescue doesn’t have CHNTPW) a Debian VM
    • 1&1 Cloud Server
    • Virtual Box (free) + Debian ISO (free) on your computer

Reset the Password

You can follow the attached guide along the lines of the VDS/DCS steps up until you get to the “VNC Console”. Since we don’t have a VNC Console, you’ll just do the SSH task. Fortunately, MobaXterm has a GREAT SSH ability to complete that task for you.

Continue with the same steps with copying and renaming your files. When you’re done, it’s time to see if the rescue image is available:

  1. Execute chntpw and see if it gives an output or says “Command Not Found”
    1. root# chntpw
      1. if “Command Not Found” then you need the Debian VM and setup tasks are at the bottom of this guide
      2. if you get an output then proceed on
  2. While in “C:\Windows\System32” change into the folder “config”
    1. root# cd config
    2. root# pwd
      1. /mnt/Windows/System32/config
  3. Execute chntpw on the user you want, let’s say Admin, and choose the SAM file
root# chntpw -u Admin SAM
chntpw version 1.00 140201, (c) Petter N Hagen
Hive <SAM> name (from header): <\SystemRoot\System32\Config\SAM>
ROOT KEY at offset: 0x001020 * Subkey indexing type is: 666c <lf>
File size 262144 [40000] bytes, containing 11 pages (+ 1 headerpage)
Used for data: 492/40056 blocks/bytes, unused: 8/4648 blocks/bytes.

================= USER EDIT ====================

RID     : 1043 [0413]
Username: Admin
fullname: Admin
comment :
homedir :

.....
....

- - - - User Edit Menu:
1 - Clear (blank) user password
2 - Unlock and enable user account [probably locked now]
3 - Promote user (make user an administrator)
4 - Add user to a group
5 - Remove user from a group
q - Quit editing user, back to user select
Select: [q] > 2
Unlocked!
....
....
....
- - - - User Edit Menu:
1 - Clear (blank) user password
(2 - Unlock and enable user account) [seems unlocked already]
3 - Promote user (make user an administrator)
4 - Add user to a group
5 - Remove user from a group
q - Quit editing user, back to user select
Select: [q] > 1
Password cleared!
================= USER EDIT ====================
.
..
...
.....
- - - - User Edit Menu:
1 - Clear (blank) user password
(2 - Unlock and enable user account) [seems unlocked already]
3 - Promote user (make user an administrator)
4 - Add user to a group
5 - Remove user from a group
q - Quit editing user, back to user select
Select: [q] > q

Hives that have changed:
#  Name
0  <SAM>
Write hive files? (y/n) [n] : y
0  <SAM> - OK

 

So I tried skipping all the boring parts in that. Basically, you’re unlocking the account (in case you caused a lockout), clearing the password to set it blank, and saving your changes.

Now you can reboot the server into “Normal Mode” in the Recovery Tool.

 

MobaXterm for Remote Desktop

With our server booting back up into local “normal” mode, let’s get our Remote Desktop ready. In MobaXterm, click on “Sessions” => “RDP” => and enter the IP address where it says “Hostname” and the Username in the appropriate box. You can click OK, but if the Server isn’t ready yet, then it’ll error out but the “Session” will save to the Sessions tab and you can execute it in a few minutes.

When ready, go ahead and execute the RDP Session, hit Enter when it asks for a password, and wait for the Login Screen to show up. The error message should be something along the lines of “Account Restriction: Blank passwords aren’t allowed….”. Now you can click the “Ease of Access” button, run “net user Admin <newPassword>”, and log in after that.

 

Debian Setup Tasks

Unfortunately, I won’t be going over how to install Virtual Box and Debian. You’ll have to either get a 1and1 Cloud Server to have the image all created for you, passwords, network configurations, and all, or go through the tasks and create your own VM on your computer. Once you’re in your Debian VM, there are two things we’ll need:

  1. chntpw – NT Password Changer
    1. sudo apt-get install chntpw
  2. sshfs – Mount an SSH connection as a File System
    1. sudo apt-get install sshfs

The basic idea is that your local VM has chntpw but your server doesn’t; your server does, however, have an SSH server thanks to the Rescue System. We need to access the server’s files and run our application as if they were on our VM itself, and that’s where SSHFS comes in.

On the Debian VM

  1. Mount the server’s System32/config location over SSH onto Debian’s /mnt folder.
    1. sshfs root@<SERVERIP>:/mnt/Windows/System32/config /mnt
  2. Run chntpw on the SAM file
    1. sudo chntpw /mnt/SAM
  3. Follow the rest of the guide above.

December 21 2015

Reset Windows Password on 1and1’s Cloud Server

Let’s take a scenario:
You created a Windows Server VM at 1and1.com and decided to use your own super secret password. Since you specified the password, it doesn’t show up in the Cloud Panel. Since this is Windows, we can’t just load up a Linux LiveCD, chroot, run the command “passwd” and be done with it. We also don’t have the ability to use our own ISOs, which might include a nice boot disk that resets passwords in the SAM file. We need to get this data somehow, and I figured out how to do it.

The golden ticket here is we need to be able to run Command Prompt and we need to change our password. Since we have KVM access, we only need to rename the Command Prompt “cmd.exe” to a system program like “Utilman.exe” or “Magnifier.exe” so we can run it at the logon screen.

For the new Cloud Servers, which has the “Cloud Panel” and dubbed “NGCS” or “1&1 Cloud Server”, the only DVD/Application available that works seems to be GParted which is Debian based. For older 1&1 Cloud Servers, which went under the names “Dynamic Cloud Server”, “Virtual Dedicated Server”, “VDS” / “DCS”, you can use the “Recovery Tool” in the 1&1 Control Panel as the “Linux Rescue” both stable and unstable are Debian Based as well.

For the NGCS:
– Go ahead and load up the KVM from your Cloud Panel by going to “Actions” => “Access KVM Console”
– In the Cloud Panel also load the GParted by clicking “DVD” => “Applications” => select “GParted”
– Reboot server and watch it in the KVM Console
– When you follow the prompts, you’ll get to a desktop, choose “Terminal”

For VDS/DCS:
– Go to 1&1 Control Panel => 1&1 Servers => Recovery Tool => choose either Linux Rescue
– Use your VNC Console or SSH into your server using IP address, Root, and the Recovery password created
– Either option will bring you into the server’s Terminal

 

In Terminal

  1. Mount the Windows partitions
    1. NGCS
      1. mount /dev/sda2 /mnt
    2. VDS/DCS
      1. mount /dev/sda1 /mnt
  2. Change Directory to “C:\Windows\System32”
    1. cd /mnt/Windows/System32
  3. Make backups of Utilman.exe or Magnifier.exe
    1. mv Utilman.exe Utilman.exe.bak
  4. Copy and Rename CMD as previous application
    1. cp cmd.exe Utilman.exe
  5. Reboot the server back into regular mode
    1. NGCS
      1. Remove DVD from CloudPanel
      2. Restart Server
    2. VDS/DCS
      1. Recovery Tool => Windows Server (normal)

Now the server should be starting up and getting to the Logon Screen. Both the VNC Console and the KVM console should show you the Windows Login Screen, and in the bottom left there’ll be a little square button. This is your “Ease of Access” button, or “Utilman.exe”. If you renamed CMD to Utilman, then clicking this will bring up a Command Prompt; otherwise, open that and click on your Magnifier to bring up the Command Prompt.

In Command Prompt

Change User Password

  1. net user <USER> <NewPassword>
  2. Log in with the user and its new password

Create a new user with Local Admin Rights

  1. net user <USER> <Password> /add
  2. net localgroup Administrators <USER> /add
  3. Login (no need to reboot)

 

Note:

  • Always remember to change the applications back to the originals with the backups you made. While unlikely someone would get KVM/VNC console access, if they find an exploit (like the one needed for Dedicated Servers) then they can reset/add Admin users.
  • Changing user passwords this way may cause loss of access to “Encrypted Files/Folders”. Do this as a last resort when the only other option that’s been given is to Reimage.
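
The first note above, and the same swap in the Dedicated Server post, can be verified from the Linux rescue shell. This is an added example, not part of the original posts: it flags logon-screen helper programs in a mounted System32 that are byte-identical to cmd.exe and puts back the .bak copy made in step 3. The helper list beyond Utilman.exe and the function names are assumptions of the example.

```shell
#!/bin/sh
# Added example: run from the Linux rescue against the mounted Windows volume.
# HELPERS is an assumption of this example: Utilman.exe comes from the post,
# Magnify.exe is the on-disk name of the Magnifier, and the rest are other
# accessibility programs that can be launched from the logon screen.
HELPERS="Utilman.exe Magnify.exe sethc.exe osk.exe Narrator.exe DisplaySwitch.exe"

# lookup DIR NAME -> path of NAME inside DIR, matched case-insensitively
# (an NTFS volume mounted under Linux can be case-sensitive).
lookup() {
    find "$1" -maxdepth 1 -type f -iname "$2" | head -n 1
}

# audit_system32 DIR
# Prints "SWAPPED <path>" for every helper that is byte-identical to cmd.exe.
# Returns 0 when clean, 1 when at least one helper is swapped, 2 on error.
audit_system32() {
    dir=$1
    cmd=$(lookup "$dir" cmd.exe)
    if [ -z "$cmd" ]; then
        echo "no cmd.exe found in $dir" >&2
        return 2
    fi
    swapped=0
    for name in $HELPERS; do
        path=$(lookup "$dir" "$name")
        [ -n "$path" ] || continue
        if cmp -s "$cmd" "$path"; then
            echo "SWAPPED $path"
            swapped=$((swapped + 1))
        fi
    done
    [ "$swapped" -eq 0 ]
}

# restore_swapped DIR
# Puts back "<helper>.bak" (the backup name used in step 3 of the post) over
# each swapped helper. Helpers without a backup are reported and left alone.
restore_swapped() {
    status=0
    found=$(audit_system32 "$1") || status=$?
    if [ "$status" -eq 2 ]; then return 2; fi
    if [ -z "$found" ]; then return 0; fi
    printf '%s\n' "$found" | while read -r _tag path; do
        if [ -f "$path.bak" ]; then
            mv -f "$path.bak" "$path" && echo "RESTORED $path"
        else
            echo "NO-BACKUP $path"
        fi
    done
}

# Usage: sh check_helpers.sh /mnt/Windows/System32 [--restore]
if [ $# -ge 1 ]; then
    if [ "${2:-}" = "--restore" ]; then
        restore_swapped "$1"
    else
        audit_system32 "$1"
    fi
fi
```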
December 14 2015

1&1 Cloud Server DIY Backup Solutions

1and1.com has always offered a number of backup solutions including their “Professional Backup” and their “FTP Storage” features that have always been available to Dedicated and VPS servers. With the Cloud Servers though, I wanted to focus on entirely different approaches, leveraging Snapshots, Images, and Shared Storage and pit them against the old FTP Storage and Professional Backup solutions.

The Old

The Professional Backup storage, which is available in the new Cloud Servers named simply as “Backup”, consists of an Agent program that you configure on your server, telling it which folders or MySQL databases you wish to back up and the frequency of the backup. The system isn’t very intuitive, but for someone that wants to “set it and forget it” it’s perfect, as it’ll run on schedule and store offsite. The problem is, only 1 server is married to this 1 backup location, and if something goes tits up, then you must wait for 1&1 to remarry your account with another one of your servers, or get your server fixed/reimaged for the marriage to be reunited. This means you cannot access your backup from your home. *enter frowny face*

FTP Storage, though, is exactly what it sounds like: you lease the dump space, configure however you want to get the files onto the FTP Server, and you can connect to it from anywhere. I did mention that it’s FTP, so the traffic isn’t secure, and it’s still just files that are being backed up. Good luck using it if your system becomes corrupted and can’t start.

The New

Now come some buzzwords: Snapshots and Images. Snapshots and Images are essentially the same with a few differences. They both save a carbon copy of your server the way it is right now, and allow you to revert to it at a later date.

Snapshots (free)

Snapshots only allow for 1 snapshot to be active at a single point in time. After 72 hours, the snapshot will expire and be purged from the system. The basic use-case for the snapshot is to take a snapshot right now, then do something that may alter server functionality: edit drivers, install an application, severely alter website configuration. If anything happens that you didn’t expect, revert to the snapshot; otherwise either hold on to it until the 72 hours expire, or delete it and go on your way.

Images ($7.20 per 100GB)

Images are a slightly different beast, with the same benefits, plus some. The image is again a carbon copy of the server the way it is during creation, but it can be Automated to take images on a schedule, and it can store multiple images at a time. There’s two main use-cases for images:

  1. Create your server with the base configuration that future servers will need to emulate. Server software, firewall permissions, Domain/AD configurations, etc. Then take a single image and store it. Future servers, instead of installing 1&1’s base images, you’ll be able to create servers built off of this newly created Image.
  2. Create a backup schedule, daily or weekly, to take an image of the server and save it. Images are saved in round-robin form: you set an interval of 1 or more, and when the number of images saved reaches that number, the oldest image is replaced. This is a simple First In, First Out arrangement. You’ll pay $7.20 per 100GB of total space used per month. So if you have 5 images, and each image is of a 30GB server, you’ll pay $10.80 per month for the 150GB stored.

Shared Storage ($7.20 per 100GB)

Lastly, not much different from the FTP Storage, comes the Shared Storage. This is nothing more than a Network Attached Storage device which is only attached to the Datacenter Network of your servers and can’t be reached from outside. The benefits of this device are that you can mount the storage space as needed, use it on any and all your servers, and the traffic goes via the internal network. This suffers the same issue as the Professional Backup, though, in that you can only access it from your servers; it also only stores files and isn’t a means of reverting your system to a state. You could however use it for Windows Backups, a mount point for your webservers to keep large documents on, etc.

December 14 2015

SSH Keys and VPN for Extended Security on 1&1 CloudServers

The plot

You have your Database server hosted inside the 1&1 Cloud and your Boss wants you to lock it down from everything except MySQL, and we mean really lock it down so we already know the Cloud Panel’s Firewall is coming into play and SSH is basically out the window. So you set up the Firewall, add only port 3306 and call it a day. Then the phone rings and your boss is sitting on the other line saying “Wow….I don’t want to use the KVM, I like Putty”. Obviously this is a fictional Boss, our boss can’t turn on the monitor without help, but in this fictional world, your boss wants to SSH.

So you say, “Okay, what’s your IP, I’ll add an exception to the Firewall for your IP to be allowed.”

[Screenshot: 1&1 Control Panel]

Your Boss, being the busy guy he is, tells you that not only doesn’t he know it, he wants to be able to connect from any location as long as he has a computer he controls. He’s also tired of typing in the long password, and he’d rather get rid of it for the sake of security and convenience, and instead wants to use one of those “key things” he read about somewhere.

The Technical Breakdown

So we have 1 Linux server (CentOS6) running our MySQL Database. We’re going to configure the username “Boss” to SSH into the server via SSH Keys, but we’re going to keep the Firewall in place to block port 22. To circumvent the firewall, we’re going to create a VPN connection in our server’s Data Center (USA).

Supplies Needed

  • DB Server
  • Firewall Policy
  • VPN Created
  • openVPN client

Firewall Creation

This is probably the simplest part: just go into your CloudPanel and choose “Network” => “Firewall Policies” => Click “Create” and add only 1 rule for port 3306. Then go to “Infrastructure” => “Servers” => Choose your DB Server => Scroll down the “Features” until you reach “Firewall” => Click the Firewall and change it to our new Firewall Policy.

[Screenshot: 1&1 Control Panel]

VPN Creation

Similarly, creating a VPN is just as easy as the Firewall. “Network” => “VPN” => “Create”. After it’s processed, you can download the Configuration file as seen in the referenced image below. With it, you’ll follow 1&1’s Guide here https://whstatic.1and1.com/help/CloudServer/EN-US/d851538.html for downloading and configuring openVPN.

[Screenshot: 1&1 Control Panel]

 

CONNECT TO THE VPN BEFORE CONTINUING!!!

SSH Key Generation and Assignment

There’s plenty of guides and ways to create your SSH Keys. Rather than re-create the wheel, here’s a guide from hostgator which is pretty generic (outside of their “Reseller port 2222”).

https://support.hostgator.com/articles/specialized-help/technical/ssh-keying-through-putty-on-windows-or-linux

The main take-away is to use PuttyGen if you’re on a Windows local machine, generate your SSH Key, and upload it to your server. For our tutorial, we’re adding it to the user “Boss”, so do the following in lieu of HostGator’s step 5:

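root# mkdir /home/Boss/.ssh
root# chmod 700 /home/Boss/.ssh
root# vi /home/Boss/.ssh/authorized_keys2

IN THE VI EDITOR
Press the key i for INSERT mode
Shift + Insert to paste your SSH Key
Press ESC, then the keys :wq so that's : and wq

BACK AT THE SHELL (the directory and file were created as root, so hand them to Boss, otherwise sshd cannot read the key as that user)
root# chmod 600 /home/Boss/.ssh/authorized_keys2
root# chown -R Boss: /home/Boss/.ssh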

Why it works

As discussed here: https://timgarrity.me/1and1-ngcs-free-vpn/ , the VPN puts you in the relative area of your servers, directly past the Firewall. You’re not connected to any one server; instead, each server in that datacenter that’s assigned to you has been added to your IP routing table in such a way that traffic to them gets tunneled through the Data Center and towards your server. Since we’re using this VPN, we don’t need port 22 open at all on the Hardware Firewall in the CloudPanel. Because of this, the only way we can SSH into this server with this Firewall the way it is, is to activate the VPN every time we want a connection, or configure an additional component by adding a Private Network. The Private Network would then open up the benefit of nested SSH connections (SSH into Webserver, then SSH from Webserver to DB Server).

December 13 2015

Upgrade Ubuntu14.04 to 15.04 on 1&1 Cloud Server

Original walkthrough: http://server-tuts.com/upgrade-ubuntu-14-04-lts-to-15-04-on-a-11-cloud-server/

So while we wait for a more elegant solution provided in the form of 1&1 Images, we’re going to upgrade our Ubuntu 14.04 LTS server to the more current 15.04 server and create our own installable image.

While this is a simple change, be mindful that we are manually doing an apt-get update with our Package Manager, so if you’re a Plesk User or have some other type of software that normally handles Package Dependency Management, I’d suggest running through this on a clone before doing it on a live server.

{From server-tuts}

At first open your /etc/update-manager/release-upgrades and change the following line:

Prompt=lts

To:

Prompt=normal

After that perform an update:

sudo apt-get update

And then start the upgrade:

sudo do-release-upgrade -d

After that answer the questions by typing y for yes. Just be patient until the progress is done.
At last you will be asked for a reboot. Again type y for yes and do the reboot.

If you check lsb_release -a now you will just see Ubuntu 14.10. Repeat the process to upgrade to Ubuntu 15.04.

After that you will see this by typing lsb_release -a:

root# lsb_release -a
No LSB modules are available.
Distributor ID: Ubuntu
Description:    Ubuntu 15.04
Release:    15.04
Codename:   vivid
root#

{End Excerpt}

So now’s the point where, if this is a clean install, or at least clean enough to be a starting point for future servers, we can create a new image. So go ahead and go to your Images in the Cloud Panel, and Create Image.

[Screenshot: 1&1 Control Panel]

And that’s it. Now when you create a new server, select “My Images” from the OS selection and choose your newly created image.