OPNsense Forum

Archive => 17.1 Legacy Series => Topic started by: Wayne Train on June 20, 2017, 09:27:03 am

Title: Deleting or locking the "root" user ?
Post by: Wayne Train on June 20, 2017, 09:27:03 am

Hi,
I would like to know if anybody in this forum deleted the root user and if this has any impact on the firewall funcionality.
If so, is there a possibility to simply lock root for the webgui. I don't want to use the standard user for administration...
Regards,
Wayne

Title: Re: Deleting or locking the "root" user ?
Post by: phoenix on June 20, 2017, 10:27:20 am

Not having a 'root' user as admin in the UI makes no difference to the functionality of OPNsense, AFAIK. You obviously need one (or preferably more) account that can administer your firewall but it can be any other username with an obviously strong password.

Title: Re: Deleting or locking the "root" user ?
Post by: guest15389 on June 20, 2017, 04:07:00 pm

You shouldn't really delete the 'root' user on a Unix OS as that's not generally a good idea.

If you are concerned about access, you can create complex passwords and limit access via that way.

Title: Re: Deleting or locking the "root" user ?
Post by: phoenix on June 20, 2017, 04:10:52 pm

I thought he was asking if the root user in the admin UI could be deleted, that's how I answered it but, you're correct, not a good idea to remove the root user from the system.

Title: Re: Deleting or locking the "root" user ?
Post by: sln on June 21, 2017, 01:28:51 pm

You can disable root (System->Access->Users select root and check Disabled).
If you're using shell access, you should (if not done already) enable sudo usage (System->Settings->Administration), otherwise (at least the last time I checked), you can not elevate your privileges in the shell.