PhpMyAdmin BlowFish

Questions regarding the Database Server
MySQL, PostgreSQL, MariaDB, Percona Server, phpMyAdmin, phpPgAdmin
skurudo
VestaCP Team
Posts: 7802
Joined: Fri Dec 26, 2014 2:23 pm
Location: Moscow
Contact:

Re: PhpMyAdmin BlowFish

Postby skurudo » Sat Aug 15, 2015 8:58 am

pandabb wrote:bump , anyone got any suggestions?


Yeah, already have fresh ideas, but we need time to gerenerate those ;-)

/usr/share/phpmyadmin/config.sample.inc.php - check this file, rename file, check blowfish inside and check your phpmyadmin.

pandabb
Posts: 192
Joined: Sat Aug 08, 2015 3:03 am

Re: PhpMyAdmin BlowFish

Postby pandabb » Sat Aug 15, 2015 11:09 am

Hello thanks skrudo.

I just checked " /usr/share/phpMyAdmin " i don't have any config files here even the sample one.

Code: Select all

.                        server_export.php
..                       server_import.php
browse_foreigners.php    server_plugins.php
changelog.php            server_privileges.php
chk_rel.php              server_replication.php
composer.json            server_sql.php
db_central_columns.php   server_status_advisor.php
db_create.php            server_status_monitor.php
db_datadict.php          server_status.php
db_designer.php          server_status_processes.php
db_events.php            server_status_queries.php
db_export.php            server_status_variables.php
db_import.php            server_user_groups.php
db_operations.php        server_variables.php
db_printview.php         setup
db_qbe.php               show_config_errors.php
db_routines.php          sql
db_search.php            sql.php
db_sql_autocomplete.php  tbl_addfield.php
db_sql_format.php        tbl_change.php
db_sql.php               tbl_chart.php
db_structure.php         tbl_create.php
db_tracking.php          tbl_export.php
db_triggers.php          tbl_find_replace.php
doc                      tbl_get_field.php
error_report.php         tbl_gis_visualization.php
export.php               tbl_import.php
favicon.ico              tbl_indexes.php
file_echo.php            tbl_operations.php
gis_data_editor.php      tbl_printview.php
import.php               tbl_recent_favorite.php
import_status.php        tbl_relation.php
index.php                tbl_replace.php
js                       tbl_row_action.php
libraries                tbl_select.php
license.php              tbl_sql.php
locale                   tbl_structure.php
navigation.php           tbl_tracking.php
normalization.php        tbl_triggers.php
phpinfo.php              tbl_zoom_select.php
phpmyadmin.css.php       themes
phpunit.xml.hhvm         themes.php
phpunit.xml.nocoverage   transformation_overview.php
prefs_forms.php          transformation_wrapper.php
prefs_manage.php         url.php
print.css                user_password.php
schema_export.php        version_check.php
server_binlog.php        view_create.php
server_collations.php    view_operations.php
server_databases.php     webapp.php
server_engines.php

skurudo
VestaCP Team
Posts: 7802
Joined: Fri Dec 26, 2014 2:23 pm
Location: Moscow
Contact:

Re: PhpMyAdmin BlowFish

Postby skurudo » Sat Aug 15, 2015 7:08 pm

pandabb wrote:I just checked " /usr/share/phpMyAdmin " i don't have any config files here even the sample one.


Try to add config there and check again, please.

pandabb
Posts: 192
Joined: Sat Aug 08, 2015 3:03 am

Re: PhpMyAdmin BlowFish

Postby pandabb » Mon Aug 17, 2015 7:47 pm

Hi again,

Here's what i did i made a copy of my config file from /etc/phpMyAdmin/config.inc.php then paste it to /usr/share/phpMyAdmin/

i tried to refresh still the same , even rebooted my server.

pandabb
Posts: 192
Joined: Sat Aug 08, 2015 3:03 am

Re: PhpMyAdmin BlowFish

Postby pandabb » Wed Aug 19, 2015 6:16 am

Update: After reading some tutorials online is it possible i have to do this too ?

After the packages had been installed you need to enable some PHP extensions (mysqli.so, mcrypt.so – for internal authentication) and you can, also, enable other modules for needed for future CMS platforms like openssl.so, imap.so or iconv.so etc.

$ sudo nano /etc/php/php.ini
Locate and uncomment the above extensions.

extension=mcrypt.so
extension=mssql.so
extension=mysqli.so
extension=openssl.so
extension=iconv.so
extension=imap.so
extension=zip.so
extension=bz2.so

Also, on same file, search and locate open_basedir statement and add PhpMyAdmin system path (/etc/webapps/ and /usr/share/webapps/) to make sure PHP can access and read files under those directories (If you, also, change Virtual Hosts DocumentRoot path from /srv/http/ to another location you need to append the new path here too).


The one in bold, i checked my php.ini so far when i search my server there are 3 php.ini

find / -name php.ini
/usr/local/vesta/php/lib/php.ini
/usr/local/vesta/src/rpm/conf/php.ini
/etc/php.ini

i checked the line with open base dir as suggested above: mine is empty


; open_basedir, if set, limits all file operations to the defined directory
; and below. This directive makes most sense if used in a per-directory
; or per-virtualhost web server configuration file. This directive is
; *NOT* affected by whether Safe Mode is turned On or Off.
; http://php.net/open-basedir
;open_basedir =

Do i need to alter the open_basedir=?


Another clue: Anything that i add at my config file doesnt take effect, example i add : $cfg['ForceSSL'] = true; it doesnt work. IT seems like its not being able to read it at all.

phez
Posts: 24
Joined: Mon Nov 25, 2013 7:07 am

Re: PhpMyAdmin BlowFish

Postby phez » Thu Nov 05, 2015 8:03 am

I got rid of the blowfish message by running this command (Centos 6.7)

chown -R admin phpMyAdmin

in the directory

/etc/

This is the type of stuff that needs to be fixed in VestaCp to make it a real contender.

Lordbl4
Posts: 17
Joined: Fri May 20, 2016 7:09 am

Re: PhpMyAdmin BlowFish

Postby Lordbl4 » Tue Aug 01, 2017 7:30 am

phez wrote:I got rid of the blowfish message by running this command (Centos 6.7)

chown -R admin phpMyAdmin

in the directory

/etc/

This is the type of stuff that needs to be fixed in VestaCp to make it a real contender.


thanks man! have same problem on Centos 6.7 and fix it.

in the directory /etc run command

Code: Select all

chown -R admin phpMyAdmin

and refresh ur browser

phez
Posts: 24
Joined: Mon Nov 25, 2013 7:07 am

Re: PhpMyAdmin BlowFish

Postby phez » Wed Nov 29, 2017 8:44 am

Just an update re Blowfish. Seems the latest Vesta install on CentOS 6.x is generating the "blowfish password is too short". If you see that then:

Log in to SSH

cd /etc/phpMyAdmin

vi config.inc.php

Locate following line: $cfg['blowfish_secret'] = 'xxxxxxxx' (where xxxxxx is a random set of characters). You need to create a bunch of 32 random characters or use the below website to randomly generate it for you:
http://www.passwordtool.hu/blowfish-pas ... -generator

Press "INS" key to allow modification to the file and position your cursor over the existing characters and now enter your 32 random characters over the existing characters.

Press "ESC" key twice. Press ":" now enter "x" and press enter. You have now saved your file and you should now refresh the www.myserver.com/phpmyadmin website and login without the blowfish error message.


Return to “Database Server”



Who is online

Users browsing this forum: No registered users and 3 guests