turn off 2fa in whm using ssh command line

As many of you know about the “Two Factor Authentication”, a great security feature available in WHM/cPanel. Recently, I tried to log in to WHM with 2FA and it was not working. Let’s see how to Turn off 2FA in WHM using SSH Command Line.

Searching for solutions to turn off 2FA on WHM with SSH command line, I got a cPanel documentation mentioning the following command to run.

Turn off 2FA on WHM with SSH command line

# upai --user=root TwoFactorAuth remove_user_configuration

This doesn’t work actually with an error that states root doesn’t have TFA enabled.

Further searches ended up in a blog post which states a command collection that resolved my issue.

# mv –v /var/cpanel/authn/twofactor_auth/tfa_userdata.json{,.bak}; echo ‘{}’ >> /var/cpanel/authn/twofactor_auth/tfa_userdata.json

This command takes a backup of the two-factor auth JSON file (/var/cpanel/authn/twofactor_auth/tfa_userdata.json) and a new JSON file is created at the same location with just curly braces { }.

This resets the two-factor authentication that the user root had and I was able to login to WHM without TFA. Once logged, I created new authentication and moved on.

I am posting these steps to Turn off 2FA on WHM with SSH Command Line, just to my fellow readers who misplaces the TFA configured device or cPanel plays a hide and seek game.

You can refer the cPanel forum link here if you need a deeper discussion.

Comments are always welcome. ?