• Please be aware: Kaspersky Anti-Virus has been deprecated
    With the upgrade to Plesk Obsidian 18.0.64, "Kaspersky Anti-Virus for Servers" will be automatically removed from the servers it is installed on. We recommend that you migrate to Sophos Anti-Virus for Servers.
  • The Horde webmail has been deprecated. Its complete removal is scheduled for April 2025. For details and recommended actions, see the Feature and Deprecation Plan.
  • We’re working on enhancing the Monitoring feature in Plesk, and we could really use your expertise! If you’re open to sharing your experiences with server and website monitoring or providing feedback, we’d love to have a one-hour online meeting with you.

Unable to obtain secret key for passwords encryption.

J

jafesc

New Pleskian
Yesterday I accidentally run "chown -R root:root /" on the SSH console of my virtual server. I canceled the running command as soon as I noticed my stupid mistake and started to recover the original file ownerships using a second, similar virtual server instance as a reference.

Everything seems to be working just fine on my server - except Plesk! This is what I get when I try to access the control panel:

ERROR: PleskFatalException
Unable to obtain secret key for passwords encryption.

0: String.php:330
Plesk_Base_Utils_String::getCryptKey()
1: common_func.php3:3453
get_failure_redirect_url(string 'failure_redirect_url')
2: auth.php3:191

/var/log/sw-cp-server/error_log shows:

2012-09-27 11:01:54: (mod_fastcgi.c.2746) FastCGI-stderr: PleskFatalException: Unable to obtain secret key for passwords encryption.
file: /opt/psa/admin/plib/Plesk/Base/Utils/String.php
line: 330
code: 0
trace: #0 /opt/psa/admin/plib/common_func.php3(3453): Plesk_Base_Utils_String::getCryptKey()
#1 /opt/psa/admin/auto_prepend/auth.php3(191): get_failure_redirect_url('failure_redirec...')
#2 {main}

Does anyone have any idea how to fix this?

Thank you!
 
Check permissions for /etc/shadow and /etc/passwd files. Also try bootstrapper repair procedure.
 
The permissions of /etc/shadow and /etc/passwd match those of the respective files on my reference machine:

-rw-r--r-- 1 root root 3.9K Sep 18 04:09 passwd
-rw-r----- 1 root shadow 5.4K Sep 26 17:44 shadow

I ran: /usr/local/psa/bootstrapper/pp11.0.9-bootstrapper/bootstrapper.sh repair

and got the following results:

===> Preparing upgrade
Stopping psa... done
psa is stopped
Stopping psa... done
===> Cumulative database upgrade has been started
===> Upgrade completed.
System start/stop links for /etc/init.d/xinetd already exist.
System start/stop links for /etc/init.d/xinetd already exist.
Module ssl already enabled
Module headers already enabled
ln: creating symbolic link `/var/named/run-root/etc/bind/rndc.conf': File exists
update-rc.d: /etc/init.d/named: file does not exist
mknod: `/var/www/vhosts/chroot/dev/null': File exists
Module suexec already enabled
Module include already enabled
Module rewrite already enabled
Module userdir already enabled
===> Cumulative upgrade has been started
===> Upgrade completed.
Module dav already enabled
Considering dependency dav for dav_fs:
Module dav already enabled
Module dav_fs already enabled
Module auth_digest already enabled
Module authz_user already enabled
Module dav_lock already enabled
update-rc.d: warning: psa start runlevel arguments (2 3 4 5) do not match LSB Default-Start values (2 3 5)
System start/stop links for /etc/init.d/psa already exist.
Stopping psa... done
Starting xinetd service... done
Starting mysql service... done
Starting bind9 service... done
Starting postgresql service... not installed
Starting psa-spamassassin service... done
Plesk: Starting Mail Server... already started
Starting psa... done

Congratulations!
All stages of the upgrade were successful.
psa is now running on your system.
To complete the system configuration process, please proceed to URL:
Use 'admin' and '<YOUR ADMIN PASSWORD>' as login name and password.

Further, use the following commands to start and stop the system:
/etc/init.d/psa start and
/etc/init.d/psa stop respectively.

Plesk is still not working.
 
Unfortunatelly this not working at all. PLESK still get that error.
Igor: Can you tell us how to regenerate the secret key? Or tell me which RPM package do this and let me know how can I get from your server for CentOS release 6.3 (Final) 64bit. I will force a new install then.
 
I resolved the error by correcting the file ownership in /etc/psa/:

chown -R psaadm:root /etc/psa/private/
chown psaadm:psaadm /etc/psa/private/.psa.shadow
 
Almost OK :-( If I run from CLI
/usr/bin/sw-engine-cgi -c /usr/local/psa/admin/conf/php.ini -d auto_prepend_file=auth.php3 -u psaadm

say I need to enable JS, but if I run in lynx or browser I get 500 error, but now the error is

Must be suid root
2012-09-27 18:20:43: (mod_fastcgi.c.1068) the fastcgi-backend /usr/bin/sw-engine-cgi -c /usr/local/psa/admin/conf/php.ini -d auto_prepend_file=auth.php3 -u psaadm failed to start:
2012-09-27 18:20:43: (mod_fastcgi.c.1072) child exited with status 1 /usr/bin/sw-engine-cgi -c /usr/local/psa/admin/conf/php.ini -d auto_prepend_file=auth.php3 -u psaadm
2012-09-27 18:20:43: (mod_fastcgi.c.1075) If you're trying to run your app as a FastCGI backend, make sure you're using the FastCGI-enabled version.
If this is PHP on Gentoo, add 'fastcgi' to the USE flags.
2012-09-27 18:20:43: (mod_fastcgi.c.1171) [ERROR]: spawning fcgi failed.


Now I will play with this, cause I see that SUID root.


SEE LATER EDIT 3 : http://forum.parallels.com/showthread.php?p=641735#post641735
 
Last edited:
jafesc said:
Yesterday I accidentally run "chown -R root:root /" on the SSH console of my virtual server. I canceled the running command as soon as I noticed my stupid mistake and started to recover the original file ownerships using a second, similar virtual server instance as a reference.

Everything seems to be working just fine on my server - except Plesk! This is what I get when I try to access the control panel:

ERROR: PleskFatalException
Unable to obtain secret key for passwords encryption.

0: String.php:330
Plesk_Base_Utils_String::getCryptKey()
1: common_func.php3:3453
get_failure_redirect_url(string 'failure_redirect_url')
2: auth.php3:191

/var/log/sw-cp-server/error_log shows:

2012-09-27 11:01:54: (mod_fastcgi.c.2746) FastCGI-stderr: PleskFatalException: Unable to obtain secret key for passwords encryption.
file: /opt/psa/admin/plib/Plesk/Base/Utils/String.php
line: 330
code: 0
trace: #0 /opt/psa/admin/plib/common_func.php3(3453): Plesk_Base_Utils_String::getCryptKey()
#1 /opt/psa/admin/auto_prepend/auth.php3(191): get_failure_redirect_url('failure_redirec...')
#2 {main}

Does anyone have any idea how to fix this?

Thank you!
Click to expand...

I know you have fixed this by now but to help other users the fix for this error is here:
http://forum.parallels.com/showthread.php?t=263770

Thanks.
 
You must log in or register to reply here.

Similar threads

themew
Resolved Let's Encrypt SSL to secure Plesk and mail not renewing
Replies
2
Views
5K
kassi
K
A
ERROR: Exception Can't decrypt data
Replies
3
Views
3K
Andrei C
A
E
secret_key file
Replies
3
Views
4K
Justin Clarke
J
E
PSA Server Can't Start After Upgrade to 11.0.9
Replies
4
Views
3K
burnleyvic
burnleyvic
M
Constant Unable to connect to database while upgrading/repairing
Replies
3
Views
1K
ManofAction
M
Back
Top