how to unlock the account with geth?

  • when I use the web3 interface to sign on msgs, it tell me that the account should be unlocked, how can I manage this with geth and what exactly does unlocking mean?

    I tried this command **geth --unlock "ACCOUNT_PUBLIC_ADDRESS" --password "PASSWORD"** ang got the **error: account unlock with http access is forbidden** Then i tried to unlock account by typing this command **personal.unlockAccount(eth.accounts[0], '1234' ,9000)** on javascript console but still got the same **error: account unlock with http access is forbidden**

  • Zack Coburn

    Zack Coburn Correct answer

    5 years ago

    By default, your accounts in Geth are "locked," which means that you can't send transactions from them. You need to unlock an account in order to send transactions from it through Geth directly or via RPC (though web3 does not support this). In order to unlock an account, you'll need to provide the password, which is used to decrypt the private key associated with your account, hence allowing you to sign transactions.

    With that being said, how do you unlock an account? There are a couple different ways you can do it, which are highlighted in the Geth documentation. I'll provide an overview:

    1. Unlock account when you run Geth. The password parameter is optional. If you don't provide it, you'll be prompted to type in the password.

      geth --unlock <YOUR_ACCOUNT_ADDRESS> --password <YOUR_PASSWORD>

    2. Unlock account from the Geth interactive Javascript console. Again, the password is optional. If you don't provide it, you'll be prompted to type it in. Note that in earlier versions of Geth, providing the password as a parameter would cause the password to show up in the Geth log, which may be a security concern.

      personal.unlockAccount(address, "password")

    It should be noted that entering the password non-interactivly stores the password in plaintext in the console history. This should really not be used as it opens up an attack vector.

    `geth --unlock` is the way to do it, i guess `web3` will log all of your inputs in log

    I make the command like this "geth --unlock (0x3b3F14690C8Fb8b1B333Ff38961bdEEa658a3873)", but it tells me that "invalid account address or index '(0x3b3F14690C8Fb8b1B333Ff38961bdEEa658a3873)'", why?

    remove the brackets, then it should work: `geth --unlock 0x3b3F14690C8Fb8b1B333Ff38961bdEEa658a3873` Not that this is prompting you for a password and the prompt for the password might be hidden somewhere in the mass of output during geth startup, e.g. `Unlocking account 0xb2... | Attempt 1/3 Passphrase: I0522 12:30:46.360237 node/node.go:298] IPC endpoint opened: /home/someone/.ethereum/geth.ipc I0522 12:30:46.836509 p2p/nat/nat.go:111] mapped network port tcp:30303 -> 30303 (ethereum p2p) using UPNP IGDv1-IP11` (Try to find the word `Passphrase` in the above output ;) )

    you could also use a file for your password like : --unlock "0x4ae4ddbf073ff57e5861490d72f9177d9039428a" --password "d:\\p.txt"

    The proper way to unlock account in geth is `geth unlock 0x4ae4ddbf073ff57e5861490d72f9177d9039428a,0x4ae4ddbf073ff57e5861490d72f9177d9039428b,0x4ae4ddbf073ff57e5861490d72f9177d9039428c` --password . passwordFile should contain the password , one password in each line .

    So if you can unlock it, how do you lock it again? :p

    @Kebman you can specify time to keep it unlocked

    @kebman using attach or console: `personal.unlockAccount(address, "password", 0)` to leave unlocked till you re-lock it manually. `personal.unlockAccount(address, "password", 300)` to auto-lock after 300 seconds. You can of course add password but it's not recommended. (Nor keeping it unlocked indefinitely.) `personal.lockAccount()` usually works these days to lock manually..

    @bshea Note that if you wish to use the automatic relock but don't want to pass your password as a parameter, you can also use `personal.unlockAccount("address", undefined, 300)`

    Note: if you got "Account unlock with HTTP access is forbidden!" You should run Geth node over https or (NOT FOR PRODUCTION) run with extra parameter: `--allow-insecure-unlock`

License under CC-BY-SA with attribution


Content dated before 7/24/2021 11:53 AM