Gitlab locked login backdoor
============================

Published  : 1 January 2025
Reading    : 1 min
Tags       : gitlab
URL        : https://ctrl-find.nl/posts/gitlab_backdoor/
Plain text : https://ctrl-find.nl/posts/gitlab_backdoor/index.txt

------------------------------------------------------------

When locked out of the Gitlab environment, you'll need to enable default sign-in method when OIDC or AD is configured.
This could be done from within the UI, but if you are locked out then this method will ofcourse not work.  
  
Enabling sign-in can also be done from the command line. SSH into the Gitlab server and perform the following command to enable sign-in.

## start rails console (takes a while)

```bash
gitlab-rails console
```

### Enable

```bash
Gitlab::CurrentSettings.update!(password_authentication_enabled_for_web: true)
```

### Disable

```bash
Gitlab::CurrentSettings.update!(password_authentication_enabled_for_web: false)
```


------------------------------------------------------------
NAVIGATION

  [index]  https://ctrl-find.nl/posts/index.txt

  [<< prev] How to configure Gitlab Advanced Search
            https://ctrl-find.nl/posts/gitlab_advanced_search/index.txt


  [next >>] Create and check certificates
            https://ctrl-find.nl/posts/certificates/index.txt

------------------------------------------------------------

CTRL-Find — Debugging all systems
https://ctrl-find.nl/