Complete Guide to Fixing Default Passwords for Amportal / Free-PBX / MySQL /phpSQL / FOP / Postfix / Meet-Me & Apache

Mac_1000
Posts: 39 Member Since: 2007-08-25

Submitted by Mac_1000 on Fri, 12/19/2008 - 6:20pm.

Complete Guide to Fixing Default Passwords for Amportal / Free-PBX / MySQL /phpSQL / FOP / Postfix / Meet-Me & Apache (For trixbox CE current release is 2.6.1.13 this Dec 19-2006) Change default passwords: Let's change our passwords. We need to do this at the Linux CLI. Update maint password by typing passwd-maint at the command line. Enter the password twice. Update Web meetme password by typing 'passwd-meetme' at the command line. Enter the password twice. FreePBX admin pass: To change the FreePBX manager pass, you need to edit two separate files and put in the new password. nano /etc/asterisk/manager.conf Find 'secret = amp111' under the [admin] section. Change 'amp111' to your new desired password. CTRL+X followed by 'Y' to save and exit. Now, we need to edit the /etc/amportal.conf to use our new password. nano /etc/amportal.conf Find the line that says 'AMPMGRPASS=amp111' and change the 'amp111' to the new password you just set. CTRL+X followed by 'Y' to save and exit. amportal restart *** NOTE: I have found out the hard way that FreePBX does not like having an exclamation point (!) in the admin password. There may be other special characters that it doesn't like also. -----------------------------------------------------------Changing the MySQL / CDR / phpMySQL / password on trixbox 2.6.1+ systems: mysql -u root -p From here, enter the mySQL root password, which is passw0rd by default You will be entered into the mysql configuration page. You will see: mysql>

Type: use mysql; Type all on one line: update user set password=PASSWORD("new_pass_here") where User='asteriskuser'; Type: flush privileges; Type: quit The passwords must now be updated into the required files. See below. Edit /etc/amportal.conf. Change the AMPDBPASS from amp109 to the new password you just created Edit /etc/asterisk/cdr_mysql.conf and change the default password to the new password for Call Detail Records (CDR) Edit /etc/asterisk/cbmysql.conf and change the default password to the new password for MySQL If you have phpMyadmin installed, you will encounter an error upon accessing it. To fix the error, edit /var/www/html/maint/modules/phpmyadmin/config.inc.php. Scroll down and you will see the default password entered there. Replace that with the new password you created Type: mysqladmin -u root -p password NewPassword You will be prompted for the old mysql root password, which is passw0rd by default Run the following two commands: service mysqld restart amportal restart ----------------------------------------------------------------------FIXING FOP / POSTFIX & MEET-ME PASSWORD Change FOP password: in amportal.conf, find FOPPASSWORD=passw0rd and change it to "FOPPASSWORD=newpassword" Now that we have reached 2.6.1 and they have changed the MTA to Postfix you might wish to add the password change in the file /var/www/html/include/ccsframework/Common.php as well. Also, for Meetme to not fail with a db connect failure change :- /var/www/html/webmeetme/lib/database.php ------------------------------------------------------------------FIXING APACHE "Maint " User - LOGON Configuration This module may not be active by default, and will say 'NOTE AUTHTYPE is not set to 'database' in /etc/amportal.conf - Module crippled'. To enable it, you need to change AUTHTYPE in /etc/amportal.conf to 'database'. If you have already tried to add users before changing AUTHTYPE to 'database', delete them now and read the "important warning" below.

Trixbox or Asterisk@Home users have some extra work due to the Apache level authentication with the "maint" user. You will have to comment out or delete the following lines in /etc/trixbox/httpdconf/trixbox.conf for Trixbox or /etc/httpd/conf/httpd.conf for A@H for this to work: # Password protect /var/www/html/admin # # AuthType Basic # AuthName "Restricted Area" # AuthUserFile /usr/local/apache/passwd/wwwpasswd # Require user wwwadmin maint # Then you have to restart httpd (/etc/init.d/httpd restart) and possibly amportal (amportal restart) too. You should now be able to login with admin/admin and create/change users in the Administrators module. Be sure to change the admin password straight away! Important Warning! Read before using this module It is quite easy to lock yourself out of freePBX if you enable AUTHTYPE after you have added users. Don't do it. If you want to use this, then you must have NO USERS CREATED before you turn it on. If you don't heed this advice, and turn it on with an existing user there, then nothing you type in will let you access freePBX. You'll have to turn it back off, and then delete any existing users. Adding a User Enter a username and password in the General section. If this is the first user, make sure that you select 'ALL SECTIONS' in the 'Admin Access' list so you can get back in there. As soon as you add the first user, you will then be prompted for a username and password. Log in as the user you've just created. Limiting User Access - Department Name - Have been unable to find any documentation on this . Help? - Extension Range - When this user is logged in, they will only see the range specified here. This is useful if you're setting up multiple tenants on the one system.

- Admin Access - This is a multiple-selection box. You can select a range of areas they're allowed to access by either holding down Control (or 'apple' on Mac's) and selecting individual ones, or dragging the mouse over the list of ones you want to give them access to. ----------------------------------------------------------P.S - If you want to use the same logon User for both Web Apache and Free PBX area then go to PBX / Admin /Administrator and ADD a NEW USER in Admin called maint make sure that you select 'ALL SECTIONS' in the 'Admin Access' and add the very same password that you chose for the Web Apache maint user. Ok, we are done here. Enjoy. Mac_1000 Loadzone for ArgentinaOutgoing Caller ID CNAM/LIDB -Mac_1000
&nbsp

Mac_1000
Posts: 39 Member Since: 2007-08-25

Update to Complete Guide to Fixing Default Passwd-Web Ref Links

Fri, 12/19/2008 - 6:37pm

Update to Complete Guide to Fixing Default Passwd-Web Ref Links Securing your PBX - josephades1 http://josephades1.googlepages.com/gen_securetb trixbox CE v2.6 security settings Sherwood's Asterisk-Trixbox Blog http://www.sureteq.com/blog/?p=21 SureTeq, Inc. - trixbox CE v2.6 security settings http://sureteq.com/asterisk/trixbox_CE_v2.6_security.htm Free PBX - Configuration http://www.freepbx.org/support/documentation/module-documentation... Earl McPhail, MCSE, A+ EBM Telecom N Cable aka Mac_1000