Text only | Text with Images

OPNsense Forum

Archive => 23.1 Legacy Series => Topic started by: Layla on July 07, 2023, 05:07:29 PM

Title: it appears that disabling the root user disables nat?
Post by: Layla on July 07, 2023, 05:07:29 PM
so on my system with a static wan ip and manual nat forwarding rules, if I disable the root user, which I would like to do as a security measure, it appears to disable NAT.

which breaks the internet.

thing is, I would like to disable the root user as a standard security measure :(.


hardware:
DEC740

software version:
Type    opnsense   
Version    23.1.11   
Architecture    amd64   
Commit    f1305748e   
Mirror    https://pkg.opnsense.org/FreeBSD:13:amd64/23.1   
Repositories    OPNsense   
Updated on    Wed Jul 5 23:42:46 CDT 2023   
Checked on    N/A
Title: Re: it appears that disabling the root user disables nat?
Post by: Stormscape on July 09, 2023, 06:40:49 AM
The correct method for disabling the root account is to lock it, not disable the account. If you disable the account, nothing can run as UID 0.
Text only | Text with Images