Break Into VirtFusion Software If Admin Password Is Lost

This will not be successful if you have lost the 2FA for the only administration user. The login will be changed to the new password and you can get into the first stage of the process, but you'll be sent to /tfa/verify, and if you don't have the 2FA code, you're outta luck.

This is useful for first time installations where you lost the login box that appears on final install or if you need to get into an administrator account in an emergency.

Go onto the Hypervisor Control server and create a python script below, like nano new-password.py. Update the password here line with your relevant new password.

import bcrypt

# Replace with the new password for Jasmine
password = "<PASSWORD-HERE>"

# Generate a bcrypt hash with cost factor 12
salt = bcrypt.gensalt(rounds=10)
hashed_password = bcrypt.hashpw(password.encode(), salt)

# Print the hash
print(hashed_password.decode())

Run the python script with python3 new-password.py. You should see it print it in bcrypt hash.

We now need to update the database. Run cat /opt/virtfusion/app/control/.env. We need the database name. Now head into MySQL, normally just being mysql in the terminal.

Type use <DB-NAME> you located earlier.

Run select * from users and you need to find the email you wish to update. In our example, we'll use Jasmine's email. Now run the following to fix the user:

This should be successful with no issues: