How can I completly remove any reference to 2FA on the user settings page?

NethServer Version: 7.9.2009
Module: User-Settings


How can I completly remove any reference to 2FA on the user settiungs page?
It is displayed even if 2FA is shut of.

I would like to remove that reference from the web page itself, where can I find that page?

I mean the displayed by this here:


My 2 cents

it comes from an API, need to check

1 Like

Salut Stephane

The URL of the user settings is showed with the URL below (redacted with domain.tld).


The page as such shows this:

How could I remove the reference to 2FA (Not being used / usable in this environment, closed from Internet). 2FA is not activated in NS7, and as said, would probably not even work.

This made me quite unsure…

Could I just remove that segment of code - but would that be update safe?

Thanks for assistance here!

My 2 cents

it is in javascript code, you cannot as is remove it, I thought that you would remove the list of url available

If you want to make it broken then you could remove the update API, but the next cockpit update will make it available again. Saying that we do not know if we will push another update

How or where could I remove this?
From the snipplet above in the container?
Would removing the API remove the button?

Or could I remove the list of URLs and it would not appear with 2FA on the password change page?
(I think not, as the button would still be there).

I’m still not aware, where is actually Cockpit in NS7 - or better, where is the blob of Container stored in NS7?

I hope not, or by then be irrelevant (As upgraded to NS8).

Many thanks.

My 2 cents

You are on ns7 there is no container

No the button will still be there

Any way to remove the button?

The more one says “Don’t press the button!”, there will always be someone who does press the button…


Any way to remove a non working 2FA once set (by mistake)?

My 2 cents

Check the 2FA section from the documentation: Base system — NethServer 7 Final

In case of emergency, 2FA can be disabled accessing the server from a physical console like a keyboard and a monitor, a serial cable or a VNC-like connection for virtual machines:

access the system with user name and password


rm -f ~/.2fa.secret
sudo /sbin/e-smith/signal-event -j otp-save

Eventually, the root user can retrieve recovery codes for a user. Use the following command and replace with the actual user name :

oathtool -w 4 $(cat ~<user>/.2fa.secret)



I will test this.

My 2 cents

You have to validate the 2fa with an authentificator…it is not a simple I press a toggle…but 2 or 3 manual steps IIRC

1 Like