I am able to log into Nethserver with old cached admin credentials

I logged into the nethserver cockpit and changed my admin user’s password.
I then tried to ssh as admin using the old password and the new one I just set.
I was able to log into nethserver using both old and new password (ssh and cockpit).
I did install DUO which appears to have caused the issue.

Which user had password changed? root?

Which is your Account Provider?

You can have a AD container as account provider
Or an OpenLDAP instance

Which one is configured into your NethServer?

I found that this issue appears to have been introduced when I installed DUO on the server.

Hi @sv2015vs

Well, it seems you debunked some of the “myths” on their webpage about security and access…


My 2 cents