I am using Ubuntu 16.04 LTS with Graylog 2.2. I am able to access the login page, but no matter what I set the password to and run it through the command “echo -n password | sha256sum” I cannot log in. I have not been able to find where anyone else has had this issue either. I did go as far as wiping the server clean and starting all over again (it’s a Hyper-v VM), but the exact same issue occurred again. I am not sure what I am doing wrong now. could someone please assist?
Try using the SHA-256 hash of “password” (literally…) for testing:
root_password_sha2 = 5e884898da28047151d0e56f8dc6292773603d0d6aabbdd62a11ef721d1542d8
Also, how exactly did you configure Graylog and which error messages do you see in your web browser when trying to log in?
I did test it with the password “password” and unfortunately it did not help. The error isn’t actually an error, but just a denied due to bad credentials. The message is “Invalid credentials, please verify them and retry.”
The command that I ran was:
echo -n password | sha256sum
and the outcome was:
5e884898da28047151d0e56f8dc6292773603d0d6aabbdd62a11ef721d1542d8
Using the hash for “password” (5e884898da28047151d0e56f8dc6292773603d0d6aabbdd62a11ef721d1542d8), how does your Graylog configuration file look like?
It is going to be a few minutes because somehow I just accidentally cleared the server.config file while attempting to output it to screen so that I could copy and paste it here.
Hello guys, i’m facing this same problem =/
I wiped out the server and set it back up with no issue logging in now. Sorry, I do not have a solution other than that.
This is my /etc/graylog/server/server.conf
is_master = true
node_id_file = /etc/graylog/server/node-id
password_secret = Bltp23N2H6xNwUaG0guc35zMeKuqosuyEB3wT6UYM0RTKtal6CafG7ToKxKfIZGQK6E3ham2XckrunC8QaC1JKoXbJSc0ko8
root_username = admin
root_password_sha2 = 6b3a55e0261b0304143f805a24924d0c1c44524821305f31d9277843b8a10f4e
plugin_dir = /usr/share/graylog-server/plugin
rest_listen_uri = http://192.168.0.104:12900/api/
web_listen_uri = http://192.168.0.104:9000/
rotation_strategy = count
elasticsearch_max_docs_per_index = 20000000
elasticsearch_max_number_of_indices = 20
retention_strategy = delete
elasticsearch_shards = 4
elasticsearch_replicas = 0
elasticsearch_index_prefix = graylog
allow_leading_wildcard_searches = false
allow_highlighting = false
elasticsearch_analyzer = standard
output_batch_size = 500
output_flush_interval = 1
output_fault_count_threshold = 5
output_fault_penalty_seconds = 30
processbuffer_processors = 5
outputbuffer_processors = 3
processor_wait_strategy = blocking
ring_size = 65536
inputbuffer_ring_size = 65536
inputbuffer_processors = 2
inputbuffer_wait_strategy = blocking
message_journal_enabled = true
message_journal_dir = /var/lib/graylog-server/journal
lb_recognition_period_seconds = 3
mongodb_uri = mongodb://localhost/graylog
mongodb_max_connections = 1000
mongodb_threads_allowed_to_block_multiplier = 5
content_packs_dir = /usr/share/graylog-server/contentpacks
content_packs_auto_load = grok-patterns.json
proxied_requests_thread_pool_size = 32
Any help will be appreciate!
Thanks!
Your password secret is incorrect. The secret isn’t supposed to be a sha256 hash, it’s supposed to be in the form of command options.
password_secret
You must set a secret that is used for password encryption and salting here. The server will refuse to start if it’s not set. Generate a secret with for example pwgen -N 1 -s 96. If you run multiple graylog-server nodes, make sure you use the same password_secret for all of them!
http://docs.graylog.org/en/2.2/pages/installation/manual_setup.html
No, it’s okay. The password_secret setting can really be any random string with at least 16 characters.
Please open a new topic and post your Graylog configuration, the logs of your Graylog node, and a detailed description of the error message(s) you see in your browser.