password

BitWarden

by Ulysses · Mar 11, 2021

I changed password managers from LastPass to BitWarden the other day. Migrating your credentials requires exporting and importing a CSV file from one program to another. It was an easy transition. Everything seems to work. As you may be aware, LastPass decided to make their free account limited to just one device. Customers will need to choose which device to use, whether desktop or mobile. Not both. If you want it on multiple devices, you’ll need to fork up $3 per month. It is not that expensive, but there are other alternatives. A few recommend BitWarden. It will let you sync to all devices for free. It was an easy choice.

Change MySQL User Password

by Ulysses · Nov 29, 2020

This is a very simple command to run. Login to MySQL first and run the following the command line.

ALTER USER username IDENTIFIED BY 'password';

Flush privileges for changes to take effect.

flush privileges;

AWS IAM Self Manage Policy

by Ulysses · Jul 28, 2020

Here’s the permission needed for an AWS user to manage their own IAM account. The policy allows them to view their own account information, change their own passwords, rotate access keys and certificates, and manage their own git credentials.

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "AllowViewAccountInfo",
            "Effect": "Allow",
            "Action": [
                "iam:GetAccountPasswordPolicy",
                "iam:GetAccountSummary"
            ],
            "Resource": "*"
        },
        {
            "Sid": "AllowManageOwnPasswords",
            "Effect": "Allow",
            "Action": [
                "iam:ChangePassword",
                "iam:GetUser"
            ],
            "Resource": "arn:aws:iam::*:user/${aws:username}"
        },
        {
            "Sid": "AllowManageOwnAccessKeys",
            "Effect": "Allow",
            "Action": [
                "iam:CreateAccessKey",
                "iam:DeleteAccessKey",
                "iam:GetAccessKeyLastUsed",
                "iam:ListAccessKeys",
                "iam:UpdateAccessKey"
            ],
            "Resource": "arn:aws:iam::*:user/${aws:username}"
        },
        {
            "Sid": "AllowManageOwnSigningCertificates",
            "Effect": "Allow",
            "Action": [
                "iam:DeleteSigningCertificate",
                "iam:ListSigningCertificates",
                "iam:UpdateSigningCertificate",
                "iam:UploadSigningCertificate"
            ],
            "Resource": "arn:aws:iam::*:user/${aws:username}"
        },
        {
            "Sid": "AllowManageOwnSSHPublicKeys",
            "Effect": "Allow",
            "Action": [
                "iam:DeleteSSHPublicKey",
                "iam:GetSSHPublicKey",
                "iam:ListSSHPublicKeys",
                "iam:UpdateSSHPublicKey",
                "iam:UploadSSHPublicKey"
            ],
            "Resource": "arn:aws:iam::*:user/${aws:username}"
        },
        {
            "Sid": "AllowManageOwnGitCredentials",
            "Effect": "Allow",
            "Action": [
                "iam:CreateServiceSpecificCredential",
                "iam:DeleteServiceSpecificCredential",
                "iam:ListServiceSpecificCredentials",
                "iam:ResetServiceSpecificCredential",
                "iam:UpdateServiceSpecificCredential"
            ],
            "Resource": "arn:aws:iam::*:user/${aws:username}"
        }
    ]
}

{ "Version": "2012-10-17", "Statement": [ { "Sid": "AllowViewAccountInfo", "Effect": "Allow", "Action": [ "iam:GetAccountPasswordPolicy", "iam:GetAccountSummary" ], "Resource": "*" }, { "Sid": "AllowManageOwnPasswords", "Effect": "Allow", "Action": [ "iam:ChangePassword", "iam:GetUser" ], "Resource": "arn:aws:iam::*:user/${aws:username}" }, { "Sid": "AllowManageOwnAccessKeys", "Effect": "Allow", "Action": [ "iam:CreateAccessKey", "iam:DeleteAccessKey", "iam:GetAccessKeyLastUsed", "iam:ListAccessKeys", "iam:UpdateAccessKey" ], "Resource": "arn:aws:iam::*:user/${aws:username}" }, { "Sid": "AllowManageOwnSigningCertificates", "Effect": "Allow", "Action": [ "iam:DeleteSigningCertificate", "iam:ListSigningCertificates", "iam:UpdateSigningCertificate", "iam:UploadSigningCertificate" ], "Resource": "arn:aws:iam::*:user/${aws:username}" }, { "Sid": "AllowManageOwnSSHPublicKeys", "Effect": "Allow", "Action": [ "iam:DeleteSSHPublicKey", "iam:GetSSHPublicKey", "iam:ListSSHPublicKeys", "iam:UpdateSSHPublicKey", "iam:UploadSSHPublicKey" ], "Resource": "arn:aws:iam::*:user/${aws:username}" }, { "Sid": "AllowManageOwnGitCredentials", "Effect": "Allow", "Action": [ "iam:CreateServiceSpecificCredential", "iam:DeleteServiceSpecificCredential", "iam:ListServiceSpecificCredentials", "iam:ResetServiceSpecificCredential", "iam:UpdateServiceSpecificCredential" ], "Resource": "arn:aws:iam::*:user/${aws:username}" } ] }

Remove Sudo Password

by Ulysses · Jul 28, 2020

Removing sudo password is typically not a good practice. If you’re a seasoned system administrator, or you’re the only one using your own desktop, being prompted for a sudo password can get really annoying. Here’s how to stop getting prompted every time you run sudo.

Run visudo.

sudo visudo

Edit the sudo line and set to below.

%sudo ALL=(ALL) NOPASSWD: ALL

Save file.

EC2 Password Authentication

by Ulysses · May 18, 2020

When you stand up an AWS instance, it’s only accessible via SSH key using the default user, typically ec2-user.

Add password to ec2-user, then enable password authentication to ‘yes’ in SSH.

# Add password to ec2-user
sudo passwd ec2-user
# edit ssh config
vim /etc/ssh/sshd_config
# enable password authentication
PasswordAuthentication yes
# save file and exit

Restart SSH service.

systemctl restart sshd.service

Recover MySQL Root Password

by Ulysses · Sep 2, 2019

How to recover a MySQL root password without a password.

Stop MySQL.
Start MySQL Safe Mode.
Login to MySQL as root without password.
Change root password.

# Stop MySQL.
service mysql stop
# MySQL Safe Mode.
mysqld_safe --skip-grant-tables &

# Login to MySQL without password. Set new password.
mysql -u root -p
use mysql;
# For MySQL 5.6 or lower
UPDATE mysql.user SET Password=PASSWORD('newpassword') WHERE User='root';
# For MySQL 5.7 or higher
SET PASSWORD FOR 'root'@'localhost' = PASSWORD("newpassword");
FLUSH PRIVILEGES;
exit;

# Kill mysqld
killall mysqld
# Restart MySQL
service mysql start

I ran into issues running MySQL Safe mode. I got a “UNIX socket file don’t exists” error. Here’s the fix.

mkdir -p /var/run/mysqld
chown mysql:mysql /var/run/mysqld

Change WordPress Password

by Ulysses · Jul 18, 2016

One of the worst things that could happen to your blog is losing your login credentials. It’s a rare event, but it does happen occasionally. This is particularly true if you run hundreds of blogs and websites. Keeping track of all usernames and passwords can be a bit of a challenge.

If you have forgotten your WordPress password, you can quickly recover it, by using the “Lost your password” link underneath the login form. In my case, WordPress mail was not working. So, not only I can’t remember my password, but I also can’t send out lost passwords via email.

Thankfully, I had access to PHPMyadmin, a MySQL database administration tool.

Log in to PHPMyadmin. Access the WordPress database and look for the wp_users table. Edit the admin user and change the “user_pass” field. The WordPress password field uses the MD5 encryption instead of being in the clear.

Save your changes. Log in to WordPress.

Change MySQL Password

by Ulysses · Oct 8, 2015

The following are instructions on how to change your MySQL password from the Unix command line.

mysql -u root -p
use mysql;

Change the password for any user, flush privileges and quit.

update user set password=PASSWORD('new_password') where User='root';
flush privileges;
quit

Make sure to make password changes on your applications as well.

In WordPress, edit the wp-config.php file to change database password.