Good morning, I currently use check_mk but I have a problem for login, when I put the user cmkadmin and its password tells me that it is invalid, I go to the console from “omd su mysite” and change the password with “htpasswd -m /etc/ htpasswd cmkadmin” I put one and I verify the user and password with “htpasswd -v /etc/htpasswd cmkadmin” and I put the password is correct. But I go to the WEB GUI and write the username and password, it tells me “invalid credentials”, I return to the console and write “htpasswd -v /etc/htpasswd cmkadmin” it is indeed wrong, I see in the “nano /etc/htpasswd” file I see that at the start of the user “cmkadmin:!” It gives me this sigo and the password, it is modified automatically when I try to access the web GUI.
Hello OscarIsco22 and welcome to the forum!
Be careful not to mix up those two path names:
- etc/htpasswd (no slash in the beginning, but with “ht”)
- /etc/passwd (starting with a slash, then no “ht”)
Some /etc/htpasswd (with both the absolute slash beginning and the “ht” doesn’t exist by default (and shouldn’t, at least not for Checkmk).
Checkmk GUI users are managed inside Checkmk, usually (if you don’t use LDAP/AD) against ~/etc/htpasswd, i.e. a dedicated password file below the site user’s home directory. So any htpasswd command for cmkadmin (as a GUI user) must be run against that file as described in the docs, section “Changing a password using the command line”:
This is totally different from the Linux system’s /etc/passwd file which is the source for local Linux accounts (normal shell/ssh users). Concerning Checkmk, there’s only the site user whose account is managed there – unrelated to the Checkmk GUI. And this local Linux account for the site user usually has no password set, so you need sudo/su to use it (as you did).
As for the :! in the system /etc/passwd, that’s because your Linux system uses a so-called shadow password file (/etc/shadow) to better protect the password hashes. But as I said, you don’t need to work with that file anyway.
hello, thanks for answering, the truth is that the “htpasswd” file is exclusive for “apache” to consult it to start a session at “http://ip/mysite” but look, I’m sending you some images so you can understand the context in the one that I speak to you.
You can see it in this link, because it doesn’t let me upload many images and in this order, by image name: CHECK_MK – Google Drive
This is when I make the password change and verify it:
I enter the “htpasswd” file and see it this way:
![ANTES DEL ENTRAR A LA WEB GUI]!
Tried to enter the GUI and it won’t let me:
![WEB GUI]!
I go back to see the “htpasswd” file and put a “:!” and that seems strange to me, I don’t know why.
![DESPUES DE INTENTAR EN LA GUI]!
Text would be fine, but better use copy&paste, because in your first posting you write about “/etc/…” so absolute path, not relative to the site directory. If that was just a typing mistake here in the forum, then of course my explanation can be ignored.
Explanation is in the docs (section “Locking following invalid logins”), please read them:
As to why the login is taken as invalid, I can only speculate: some special characters that are treated differently in shell and browser input? Try to set a very simple password and see if that works.
This topic was automatically closed 365 days after the last reply. New replies are no longer allowed. Contact an admin if you think this should be re-opened.