Applicable to:
- Plesk for Linux
Symptoms
Plesk interface is inaccessible. One of the following error messages is shown in a web-browser or when executing some Plesk utilities, like plesk db
or plesk login
:
PLESK_INFO: ERROR: 500 Plesk\Exception\Database
Zend_Db_Adapter_Exception: SQLSTATE[HY000] [1045] Access denied for user 'admin'@'localhost' (using password: YES)
PLESK_INFO: ERROR: PleskFatalException
Unable to connect to database: saved admin password is incorrect.
0: common_func.php3:93
psaerror(string 'Unable to connect to database: saved admin password is incorrect.')
1: auth.php3:127
Additionally, an exception has occurred while trying to report this error: Zend_Exception
No entry is registered for key &;translate&; (Abstract.php:144)
Cause
The hashed password in the file /etc/psa/.psa.shadow
, that is used to access Plesk database, does not match the admin password in the 'mysql' database.
Resolution
-
Make a backup of the file
/etc/psa/.psa.shadow
:# cp /etc/psa/.psa.shadow /etc/psa/.psa.shadow.bak
-
Insert the new password in
/etc/psa/.psa.shadow
in plain text:# echo 'new_password' > /etc/psa/.psa.shadow
Note: do not forget to replace the new password from the command by the proper password.
-
Set the same password using Plesk utility in order to store it encrypted in
/etc/psa/.psa.shadow
:# PSA_PASSWORD=new_password /usr/local/psa/admin/sbin/ch_admin_passwd
Note: if this command produces some output, apply the 2 method.
-
Connect to the Plesk server via SSH.
-
With the command below, check if the directive
old-passwords
exist in the MySQL configuration filemy.cnf
(no output means it does not exist):# grep -ir old-passwords /etc/my*
- If it exists, remove it using a text editor.
-
Get a hashed password of the MySQL admin user and copy it to clipboard:
Note: Make sure there is only one password specified in the file.
# grep AES /etc/psa/.psa.shadow
Here is an example of a hashed password:
PLESK_INFO: $AES-128-CBC$ZmY/EEpy1+TwCNq5kalqSA==$Pd02kf4TTlpXdi/qyeo92w==
-
Modify the
my.cnf
file:4.1. Open the
my.cnf
file in a text editor. In this example, we are using the vi editor:-
on CentOS/RHEL-based distributions
# vi /etc/my.cnf
-
on Debian/Ubuntu-based distributions
# vi /etc/mysql/my.cnf
4.2. Add the
skip-grant-tables
line under the[mysqld]
section:CONFIG_TEXT: [mysqld]
skip-grant-tables
<...>4.3. Save the changes and close the file.
-
-
Restart MySQL. The command depends on MySQL version and operating system:
# service mariadb restart
# service mysql restart
# service mysqld restart -
Connect to MySQL:
# plesk db
-
Switch to the mysql database:
MYSQL_LIN: mysql> use mysql;
-
Find the version of MySQL:
MYSQL_LIN: mysql> SELECT VERSION();
-
Reload the ACL tables cache:
MYSQL_LIN: mysql> FLUSH PRIVILEGES;
Note: Once the command above is executed, do not exit the current MySQL session as this command loads grant tables back.
-
Restore the MySQL admin user:
-
For MySQL 5.1 up to 5.6 and MariaDB 5.5 up to 10.3
-
Drop the current admin user:
MYSQL_LIN: mysql> DROP USER 'admin'@'localhost';
-
Create a new admin user with the hashed password from step 3:
MYSQL_LIN: mysql> CREATE USER 'admin'@'localhost' IDENTIFIED BY 'HASHED_PASSWORD_FROM_STEP_3';
-
Grant all permissions to the admin user:
MYSQL_LIN: mysql> GRANT ALL ON *.* TO 'admin'@'localhost' WITH GRANT OPTION;
-
Exit MySQL:
MYSQL_LIN: mysql> exit
-
-
For MariaDB 10.4 and later versions
-
Drop the current admin user:
MYSQL_LIN: mysql> DROP USER 'admin'@'localhost';
-
Create a new admin user with the hashed password from step 3:
MYSQL_LIN: mysql> CREATE USER 'admin'@'localhost' IDENTIFIED VIA mysql_native_password USING PASSWORD('HASHED_PASSWORD_FROM_STEP_3');
-
Grant all permissions to the admin user:
MYSQL_LIN: mysql> GRANT ALL ON *.* TO 'admin'@'localhost' WITH GRANT OPTION;
-
Exit MySQL:
MYSQL_LIN: mysql> exit
-
-
For MySQL 5.7 up to 8.0
-
Drop the current admin user:
MYSQL_LIN: mysql> DROP USER 'admin'@'localhost';
-
Create a new admin user with the hashed password from step 3:
MYSQL_LIN: mysql> CREATE USER 'admin'@'localhost' IDENTIFIED WITH 'mysql_native_password' BY 'HASHED_PASSWORD_FROM_STEP_3';
-
Grant all permissions to the admin user:
MYSQL_LIN: mysql> GRANT ALL ON *.* TO 'admin'@'localhost' WITH GRANT OPTION;
-
Exit MySQL:
MYSQL_LIN: mysql> exit
-
-
-
Remove the
skip-grant-tables
line from themy.cnf
file (step 4). -
Restart MySQL:
# service mariadb restart
# service mysql restart
# service mysqld restart
Comments
5 comments
Amazing !
🙏🙏🙏
it is not abolut my article
This did nothing to solve the problem in Ubuntu 22.04 LTS with MariaDB
Not the first error I've had and spent hours trying to figure out. I finally purchased Plesk's support plan for $10/month today and that will be money well spent if they are able to fix the issue. Unfortunately, Plesk encrypts all of their files which makes troubleshooting and debugging very difficult. I guess for a support plan though $10 is a super easy decision for me.
Your guide not only covered the technical aspects thoroughly but also anticipated potential challenges and offered clear solutions. This level of detail and practical advice makes it an invaluable resource for anyone tackling this migration.
Thank you for sharing your expertise and creating such a comprehensive and user-friendly resource. It’s clear a lot of effort went into making this guide, and it is deeply appreciated!
Please sign in to leave a comment.