blog.deanwild.co.uk

I recently got locked out of my Truenas server Web UI.

I had 2FA enabled and I was certain that my password was correct.

Luckily I had not enabled 2FA on SSH so I was able to gain access that way,

From here I was able to disable and re-enable 2FA using the following commands:

su
cd usr/local/bin
./midclt call auth.twofactor.update '{"enabled": false}'
./midclt call auth.twofactor.update '{"enabled": true}'

UPDATE:

About a month later this happened to me again so I decided to dig a little deeper.

I read on a forum post that this is typically caused by the system clock getting out of sync. Sure enough I ran the date command and observed that the system time was out by a good 2 minutes which i'm fairly certain would be enough to throw off the 2FA code system.

I didn't really have time to figure out why the clock sync does not work so I simply added a daily chron job to force an ntp sync using this command:

ntpdate -u 0.freebsd.pool.ntp.org​

Like so:

I agree that my data (incl. my anonymized IP address) gets stored!

Comment

Currently there are no comments, so be the first!