Applicable to:
- Plesk for Linux
Symptoms
Plesk interface is inaccessible. One of the following error messages is shown in a web-browser or when executing some Plesk utilities, like plesk db
or plesk login
:
PLESK_INFO: ERROR: 500 Plesk\Exception\Database
Zend_Db_Adapter_Exception: SQLSTATE[HY000] [1045] Access denied for user 'admin'@'localhost' (using password: YES)
PLESK_INFO: ERROR: PleskFatalException
Unable to connect to database: saved admin password is incorrect.
0: common_func.php3:93
psaerror(string 'Unable to connect to database: saved admin password is incorrect.')
1: auth.php3:127
Additionally, an exception has occurred while trying to report this error: Zend_Exception
No entry is registered for key &;translate&; (Abstract.php:144)
Cause
The hashed password in the file /etc/psa/.psa.shadow
, that is used to access Plesk database, does not match the admin password in the 'mysql' database.
Resolution
-
Make a backup of the file
/etc/psa/.psa.shadow
:# cp /etc/psa/.psa.shadow /etc/psa/.psa.shadow.bak
-
Insert the new password in
/etc/psa/.psa.shadow
in plain text:# echo 'new_password' > /etc/psa/.psa.shadow
Note: do not forget to replace the new password from the command by the proper password.
-
Set the same password using Plesk utility in order to store it encrypted in
/etc/psa/.psa.shadow
:# PSA_PASSWORD=new_password /usr/local/psa/admin/sbin/ch_admin_passwd
Note: if this command produces some output, apply the 2 method.
-
Connect to the Plesk server via SSH.
-
With the command below, check if the directive
old-passwords
exist in the MySQL configuration filemy.cnf
(no output means it does not exist):# grep -ir old-passwords /etc/my*
- If it exists, remove it using a text editor.
-
Get a hashed password of the MySQL admin user and copy it to clipboard:
Note: Make sure there is only one password specified in the file.
# grep AES /etc/psa/.psa.shadow
Here is an example of a hashed password:
PLESK_INFO: $AES-128-CBC$ZmY/EEpy1+TwCNq5kalqSA==$Pd02kf4TTlpXdi/qyeo92w==
-
Modify the
my.cnf
file:4.1. Open the
my.cnf
file in a text editor. In this example, we are using the vi editor:-
on CentOS/RHEL-based distributions
# vi /etc/my.cnf
-
on Debian/Ubuntu-based distributions
# vi /etc/mysql/my.cnf
4.2. Add the
skip-grant-tables
line under the[mysqld]
section:CONFIG_TEXT: [mysqld]
skip-grant-tables
<...>4.3. Save the changes and close the file.
-
-
Restart MySQL. The command depends on MySQL version and operating system:
# service mariadb restart
# service mysql restart
# service mysqld restart -
Connect to MySQL:
# plesk db
-
Switch to the mysql database:
MYSQL_LIN: mysql> use mysql;
-
Find the version of MySQL:
MYSQL_LIN: mysql> SELECT VERSION();
-
Reload the ACL tables cache:
MYSQL_LIN: mysql> FLUSH PRIVILEGES;
Note: Once the command above is executed, do not exit the current MySQL session as this command loads grant tables back.
-
Restore the MySQL admin user:
-
For MySQL 5.1 up to 5.6 and MariaDB 5.5 up to 10.3
-
Drop the current admin user:
MYSQL_LIN: mysql> DROP USER 'admin'@'localhost';
-
Create a new admin user with the hashed password from step 3:
MYSQL_LIN: mysql> CREATE USER 'admin'@'localhost' IDENTIFIED BY 'HASHED_PASSWORD_FROM_STEP_3';
-
Grant all permissions to the admin user:
MYSQL_LIN: mysql> GRANT ALL ON *.* TO 'admin'@'localhost' WITH GRANT OPTION;
-
Exit MySQL:
MYSQL_LIN: mysql> exit
-
-
For MariaDB 10.4 and later versions
-
Drop the current admin user:
MYSQL_LIN: mysql> DROP USER 'admin'@'localhost';
-
Create a new admin user with the hashed password from step 3:
MYSQL_LIN: mysql> CREATE USER 'admin'@'localhost' IDENTIFIED VIA mysql_native_password USING PASSWORD('HASHED_PASSWORD_FROM_STEP_3');
-
Grant all permissions to the admin user:
MYSQL_LIN: mysql> GRANT ALL ON *.* TO 'admin'@'localhost' WITH GRANT OPTION;
-
Exit MySQL:
MYSQL_LIN: mysql> exit
-
-
For MySQL 5.7 up to 8.0
-
Drop the current admin user:
MYSQL_LIN: mysql> DROP USER 'admin'@'localhost';
-
Create a new admin user with the hashed password from step 3:
MYSQL_LIN: mysql> CREATE USER 'admin'@'localhost' IDENTIFIED WITH 'mysql_native_password' BY 'HASHED_PASSWORD_FROM_STEP_3';
-
Grant all permissions to the admin user:
MYSQL_LIN: mysql> GRANT ALL ON *.* TO 'admin'@'localhost' WITH GRANT OPTION;
-
Exit MySQL:
MYSQL_LIN: mysql> exit
-
-
-
Remove the
skip-grant-tables
line from themy.cnf
file (step 4). -
Restart MySQL:
# service mariadb restart
# service mysql restart
# service mysqld restart
Comments
2 comments
Amazing !
🙏🙏🙏
it is not abolut my article
Please sign in to leave a comment.