How to reset the console password for a local account in Twistlock

How to reset the console password for a local account in Twistlock

253
Created On 11/11/19 23:42 PM - Last Updated 12/20/19 18:42 PM
Prisma Cloud Prisma Cloud Compute Edition
Objective
If you forgot your Twistlock Console password for a local account in Twistlock, you can reset it. Follow this procedure with caution because unintended changes to the database can break Console.

Procedure
Prerequisites

You have root access to the host where Twistlock Console is installed.

Procedure
  1. Create a hash for the desired password that you wish to reset your Twistlock account to.
$ echo -n admin | openssl dgst -binary -sha256 | openssl base64

where admin is the desired clear text password.
  1. Exec into Console container
$ docker exec -ti twistlock_console /bin/ash
  1. Run mongo.
$ mongo \
  --ssl --sslAllowInvalidHostnames \
  --sslCAFile /var/lib/twistlock/certificates/ca.pem \
  --sslPEMKeyFile /var/lib/twistlock/certificates/client.pem \
  --sslPEMKeyPassword `cat /var/lib/twistlock/certificates/service-parameter`
  1. Set password for user 'admin' to admin
> use twistlock
> db.users.update({username:"admin"},{$set: {password:"jGl25bVBBBW96Qi9Te4V37Fnqchz/Eu4qB9vKrRIqRg="}})
WriteResult({ "nMatched" : 1, "nUpserted" : 0, "nModified" : 1 })
  1. Exit out of database and container
> exit
$ exit
  1. Verify the changes by logging into Console with your new password.


Actions
  • Print
  • Copy Link

    https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000PNRmCAO&refURL=http%3A%2F%2Fknowledgebase.paloaltonetworks.com%2FKCSArticleDetail

Attachments