So you can’t login to the Sophos UTM WebAdmin interface anymore. Perhaps you’ve made a configuration change and locked yourself out, or perhaps you’ve just forgotten your password. I locked myself out a couple of times when playing around with the new 2 Factor Authentication feature in the Sophos UTM 9.2 Beta. Don’t worry, here are the steps to reset your password. You’ll first need a direct console into Sophos UTM. For hardware appliances, plug in a monitor and keyboard, or for Virtual Appliances open up your virtualization system’s management console for the Virtual Machine.
Once you have a console open, try to log in as the root user. I was in a similar situation and resetting the root password didn’t really reset it. You can reset the loginuser (and only the loginuser) at the bash prompt which you can then login to the console after the next reboot but that doesn’t help since it doesn’t have the permission to start the cc utility. I don’t know if thiis was an artifact of my ‘cloud’ provider or not but I was able to find the WebAdmin password reset log in the /tempastaro/output.log file that seemed to be generated on the reboot right after I changed the root password. YMMV Steve.
I was able to do it, information was provided by Aditya Patel from Sophos: 'Workaround: you can completely remove the Sophos Anti-Virus software from a Mac endpoint by removing the following files and directories. Obviously it will require admin / sudo permissions, and obviously, you should be quite careful as to not remove other things. Here is the list: /Library/Sophos Anti-Virus/ /Library/Application Support/Sophos/ /Library/Preferences/com.sophos.
Sophos Endpoint Tamper Protection Pa…
/Library/LaunchDaemons/com.sophos. /Library/LaunchAgents/com.sophos. /Library/Extensions/Sophos.
/Library/Caches/com.sophos. ' the syntax I used was sudo rm -R /Library/ see above list.