OPNsense
  • Home
  • Help
  • Search
  • Login
  • Register

  • OPNsense Forum »
  • Archive »
  • 18.7 Legacy Series »
  • [SOLVED] Must login to SSH as root (even when disabled)
« previous next »
  • Print
Pages: [1]

Author Topic: [SOLVED] Must login to SSH as root (even when disabled)  (Read 3104 times)

Rainmaker

  • Newbie
  • *
  • Posts: 21
  • Karma: 2
    • View Profile
[SOLVED] Must login to SSH as root (even when disabled)
« on: October 29, 2018, 01:42:38 am »
I have setup OPNsense to run SSH over a non-standard port. Login group is set to wheel and admins. Root login is disabled (box unchecked). However, when I try to SSH into the box as 'user' (who is a member of admins), I am prompted for the password. The password is accepted and the OPNsense logo appears, but followed immediately by a message that I 'must be root to login'. As I said, 'permit root user login' is unchecked, and the root user account is disabled in System > Access > Users!

The only way around this is to enable the root user, and log in via SSH using root. My 'user' is a member of admins, with permissions inherited from admins. What am I missing? It's obviously much less secure to enable the root account for SSH than to log in as 'user' and use sudo.
« Last Edit: October 29, 2018, 08:38:34 pm by franco »
Logged

franco

  • Administrator
  • Hero Member
  • *****
  • Posts: 13679
  • Karma: 1176
    • View Profile
Re: Must login to SSH as root (even when disabled)
« Reply #1 on: October 29, 2018, 08:12:27 am »
Taking a guess over "must be root to login" is actually "Must be root."

I cannot stress how important it is to deliver the precise error message in order to be of meaningful help.

So anyway, here it goes.

You cannot set "opnsense-shell" as a non-root user shell.

Give the user a real shell and use "sudo su" after properly configuring it.

There are a couple of topics that deal with how to set this up and why it's necessary.


Cheers,
Franco
Logged

Rainmaker

  • Newbie
  • *
  • Posts: 21
  • Karma: 2
    • View Profile
Re: Must login to SSH as root (even when disabled)
« Reply #2 on: October 29, 2018, 12:50:11 pm »
Thanks, Franco. That fixed it. ;)
Logged

franco

  • Administrator
  • Hero Member
  • *****
  • Posts: 13679
  • Karma: 1176
    • View Profile
Re: Must login to SSH as root (even when disabled)
« Reply #3 on: October 29, 2018, 08:38:24 pm »
Glad to hear. 8)
Logged

  • Print
Pages: [1]
« previous next »
  • OPNsense Forum »
  • Archive »
  • 18.7 Legacy Series »
  • [SOLVED] Must login to SSH as root (even when disabled)
 

OPNsense is an OSS project © Deciso B.V. 2015 - 2023 All rights reserved
  • SMF 2.0.19 | SMF © 2021, Simple Machines
    Privacy Policy
    | XHTML | RSS | WAP2