The WHM/cPanel can be accessed without knowing the actual password if it satisfies a single condition i.e you must have shell access to the server. If you have the shell access through SSH Keypair or using VPS nodes on the server, you can simply access the WHM panel without knowing the actual root password of the server.
The steps to create a session to access the WHM panel for the root or any reseller accounts without a password is detailed below.
whmapi1 is the command which could be executed via Linux Shell so as to accomplish this. WHM API 1 accesses the WHM interface’s features. You can make use of this API to administrate cPanel and WHM reseller accounts, perform server administration tasks and manage cPanel & WHM services.
Whmapi command to create a WHM root session from the command line.
By executing the following command you can create a temporary root WHM session:
# whmapi1 create_user_session user=root service=whostmgrd
The output will be as the following:
--------------------------- CT-xxxxxxxxx-bash-4.2# whmapi1 create_user_session user=root service=whostmgrd --- data: cp_security_token: /cpsess3736615296 expires: '1519064107' service: whostmgrd session: root:GSs8CH3T4YhRuk4o:create_user_session,340efbb4413cee451a9f2d115a14760c url: https://v123456.serverxxx.com:2087/cpsess3736615296/login/?session=root%3aGSs8CH3T4YhRuk4o%3acreate_user_session%2c340efbb4413cee451a9f2d115a14760c metadata: command: create_user_session reason: Created session result: 1 version: 1 ---------------------------
This is a one-time-use session to access WHM panel. You can paste the WHM URL in the browser which would in turn bypass the need to enter a root password.
Create a WHM Session for Reseller Account
# whmapi1 create_user_session user=USERNAME service=cpaneld
Replace USERNAME with the exact cPanel username.
This is a one-time-use session to access WHM/cPanel panel. The system destroys the temporary session after 15 minutes of inactivity.
In conclusion, it is possible to access the WHM/cPanel without knowing the root password as long as you have shell access to the server. The whmapi1 command can be executed via Linux Shell to create a temporary root WHM session or a session for a reseller account. The output from the command will provide a WHM URL that can be pasted in a browser to bypass the need to enter a password. However, it is important to note that these sessions are one-time-use only and the system will automatically destroy the session after it has been used.
If you require help, contact SupportPRO Server Admin