2nd admin not getting passed cgi auth security

New Member Joined: Apr 27, 2004 Posts: 11

ok first if this has already been covered I appologise cause I have searched and was unable to find a thread. If there is please direct me.

I downloaded and installed ravennuke basically cause it seams to be the most secure of the nukes that's easy to install (thanks for that by the way Wink

)

everything went great cgi auth even went great, however I decided I needed a second admin so this is what I did.

I made a new admin then went to sentinel and scaned for new authors. THen I clicked to view th authors and they were both there me as god and then the second admin. I checked his details and protected the admin. I then clicked the link above for building a new staccess file.

I thought it would be ok because it should only need that file changing but not htaccess, the thing is it wont let the user and pass through the CGI (mine is ok 'god')

ok I decided to delete the htaccess and staccess file and start again. I did that and mine worked fine, still the 2nd doesn't grrrrrr. ok I downloaded my staccess file and in it it has me and the 2nd admin in it. so..... if I have the htaccess file in place and the staccess file in place and we are both ion the staccess file I need to know why I can gain access but my 2nd admin can't.

dunno if I have all the info here that's needed but any help will be appreciated.

Site Admin/Owner Joined: Aug 27, 2002 Posts: 17088

The process for adding admins is the same whether adding a God admin or not as far as NukeSentinel(tm) is concerned.

1 - While logged into nuke as a God admin, add the admin through nuke Edit Admins option.
2 - Goto the NukeSentinel(tm) Administration panel.
3 - Select Scan for New Admins.
4 - Select Admin Auth List and verify the name/password. Also, if you want to protect the admin then select Protected.
5 - Build the new .staccess file.
6 - Verify that the .staccess file has the correct NukeSentinel(tm) name (it is case sensitive in NukeSentinel(tm))

It sounds like you have done this. Assuming you have, be sure to log completely out of your browser sessions before trying to test the new NukeSentinel(tm) admin and id. Make sure that the password you are using for NukeSentinel(tm) login is the same as the password that displays in the Admin Auth List.

Posted: Thu Dec 27, 2007 3:54 pm

Thx for the reply raven .. Ok I rechecked what you asked and it brought up a fault that I don't understand so here it is:

I completed numers 1 through 3 in your list then went to 4 and tried to verify the user and pass but it doesn't show the pass and niether does it in the staccess file I get this as the password : zbqdd33c2am83dkysq24 whereas I picked and actual word that is easy to remember. I assumed this is encrypted but I can't verify the pass as it just looks like a jumble of numbers and letters. The god account is also like this and it is also like this in the staccess file.

I am obvioulsy thinking that it's wrong as your num 4 in your list tells me to check the user and pass which can't be done.... is this a problem?

Posted: Thu Dec 27, 2007 4:00 pm

SH*T THE BED ! ............ ok I just changed the jumble of words in sentinel to the correct pass and rebuilt the staccess file and it worked a treat. Looks like it is just a glitch between nuke and sentinel for some reason.

Sorry for wasting your time raven and thanks for the help.

Posted: Thu Dec 27, 2007 4:35 pm

That's why I specified "verify the name/password" in step #4. Most of the time when I see this issue it is usually the result of the stored password issue. I have personally never had the issue in any of the setups I have done, so I'm not sure if it's a procedural error or programming. In any event, you're working!

RavensScripts

Only registered users can see links on this board! Get registered or login!