Lost access to all passwords

I have lost access to my password manager. All my passwords including the admin password, ssh user password and ssh key passphrase was in there. I still have access to the backups.

What information is in the backups made to backblaze?

Is there a way that I can create a new vm, install miab, restore the backups from backblaze and then reset the password for the admin user?

You must have the file /home/user-data/backup/secret_key.txt because the backups stored are encrypted with that key.

If the email was on a VPS provider, you can try and get a new password with them by tying your login information with your credit card, which you can verify directly over the phone with your bank.

You can then use the VPS provider dashboard to access the VPS virtual console, then use MiaB commands to reset the admin password.

As a side note, passwords for SSH keys should always be something you know, never something stored in a password manager. The primary function of SSH password is just to prevent someone else from using the private key if they somehow were to acquire it.

I have still the secret key. So restoring the backups is not a problem.

I hosted it myself on my own server. So I can’t ask a vps provider.

I created a new server and installed miab. Now I want to restore the backups following the restore procedure stated in the maintence manual.
What I see is I have to set some environment variables for access key etc. They talk about s3. What will the environment variables for backblaze be?

Thank you!

You should refer to the Backblaze docs for using their service in place of Amazon.

As a side note, if you did not use full disk encryption, you would have the option of mounting the previous install disk to a new disk and retrieving data that way.

Thank you for all your input.

I have restored the backup to the new server. The restore was succesfull.

I ran the following command for resetting the password but it still gives me an error “Invalid password” when accessing the admin dashboard.

/root/mailinabox/tools/mail.py user password tom@tombuvyoets.nl

What do I wrong?

Try ./root/mailinabox/management/cli.py for command and options.

Even using the CLI command, you still have to use the admin address and admin password with the
--user me@mydomain.com:yourpassword
argument added.

Thanks, I didn’t realize that still requires the admin password.

Here is the output when running cli.py without any options:

Usage:
  management/cli.py user                                     (lists users)
  management/cli.py user add user@domain.com [password]
  management/cli.py user password user@domain.com [password]
  management/cli.py user remove user@domain.com
  management/cli.py user make-admin user@domain.com
  management/cli.py user remove-admin user@domain.com
  management/cli.py user admins                              (lists admins)
  management/cli.py user mfa show user@domain.com            (shows MFA devices for user, if any)
  management/cli.py user mfa disable user@domain.com [id]    (disables MFA for user)
  management/cli.py alias                                    (lists aliases)
  management/cli.py alias add incoming.name@domain.com sent.to@other.domain.com
  management/cli.py alias add incoming.name@domain.com 'sent.to@other.domain.com, multiple.people@other.domain.com'
  management/cli.py alias remove incoming.name@domain.com

Removing a mail user does not delete their mail folders on disk. It only prevents IMAP/SMTP login.

So I’m guessing add a new user than make-admin the new user?

Oh wait, I just realized I was thinking of going through the API, not the CLI. The CLI should work by making a new user, then giving it the admin permissions.

Okay, I just tested out using the cli.py command and apparently the [password] means enter the new password at the prompt. So using the following command will change the password of any user:

cli.py user password user@domain.com

I have succesfully restored my mail on a different machine and restored the admin password.

Thanks all for your support!

1 Like