Disable 2FA root cockpit access (token lost)

NethServer Version: 7.9
Module: cockpit


I lost my phone with the 2FA Authenticator app on it and my backup failed. I have command line access to the server and the root password.

How can I disable/reset 2FA access to cockpit to allow me to log in. I can’t find an example of how anywhere?

Thanks in advance


Did you already read this?



No I had not found that, thank you!

You’re welcome! I hope it works for you… let me know how it goes with it :hugs:


Did you solve it?

@m.traeumner Yes I was able to reset, the help doc was exactly what I needed thank you.

1 Like

@kiemosan mark Davide Principi’s post as “solution”

1 Like

How to do this, if ssh access also protected by 2FA?

Best regards, Marko

If Sysadmin’s token device is lost, and his recovery codes are lost, and no console-like access is available… Well Sysadmin is locked out of the server!

1 Like

…and to make a little more explicit what was implicit in Davide’s post, you really should have something simulating local console access to your server–either as the actual physical console, IPMI, or VNC into your VPS provider. Logging in there shouldn’t require 2FA.

Failing that, if you have another user that can log in via SSH, and has the ability to sudo, you may be able to remove 2FA that way.