Official and/or community stance on security?

Featured Replies

I had a mini heart attack when I first booted unRAID. No password on web interface, option to change the root password in plain text, flash drive shared by default, no ssh - quite a security unconscious server.

 

Now, I've been reading the forums and wiki for a couple of days, and was surprised that questions about security were dismissed as unimportant. I kinda hope those were all out of date...

 

I think these days a LAN can give a false sense of security. I don't trust all the machines on my LAN - just the ones that belong to me. Yet I want to make the unRAID server available to all, even the living room computer which guests (and their kids) get to use. Basically, if any computer with access to my LAN is compromised, I lose the protection of NAT.

 

Now, I'm not paranoid that someone is targeting my machine specifically, eyeing the dirty tape. I'm worried about my unRAID machine becoming compromised, part of a botnet, and losing my trust in stored data due to lack of basic security features or an unpatched vulnerability.

 

I could not find any info on security on the main page (besides user accounts, which are done over plaintext http). What is the dev's outlook on security? Is there a recent post by the author touching on this that somebody could link to? What's the general consensus of the community on this? hmm a poll might tell.

Your poll answers expose your bias.

 

As you've probably found on the forum I too questioned not having a default root password.  Mine doesn't anymore.  And anyone inside my network already has access to things WAY more important than the info on my unRAID box.

 

Just thinking that your password isn't plaintext doesn't protect you.  Anything can be broken or circumvented.  It's all a matter of what risk you're willing to take.

  • 2 weeks later...

This may be a good time though, to bring this issue back up.  While unRAID has had its roots first as a simple but glorified NAS primarily for Windows users, both the unRAID system and its community of users has matured and grown quite a bit.  I'm not aware of any 'horror stories' yet that are attributable to the light security, but there is no need to wait for the first disaster before preparing for it.  This would be a good time for a discussion of what users would recommend to Tom, as to what should be the default security profile and prompts.  I'll start by suggesting that on first use (no passwd file in /boot/config), the user is prompted for the root password.  There should be the option for no password, as a common scenario will always be the home user and possibly spouse with no kids that does not really need a password.

 

Obviously, a user that allows guests full access to a machine on the network has very different security needs, which need to be addressed here.  It would be good to see either the tools or the instructions for locking down your unRAID server.

 

I would like to hear what knowledgeable Linux users do, on first encountering and adapting unRAID to their use (eg. set passwords, set export policies, install ssh, etc).

root should 100% have a password setup when you boot for the first time.  Also we're wide open in some respects,  all it would take is someone malicious to target either the forum or wiki and a lot of people could get burned.

 

Edit : PM'd tom and removed details.

I can't participate in your poll: I don't see the correct answer listed there.

 

I like unRAID exactly as it is now.

And it's not like I don't care about security.

You figure it out.

 

Purko

 

 

I agree with RobJ that we should discuss it.  And I certainly don't think that asking for a root password until one is set is the end of the world.  A default would almost be worse than no password as people would think it was safe.

Security vs. usability is a trade-off. It will always be.

 

unRAID has taken the stance of ease of use over all else. Personally I think this is a wise decision (keep in mind security is my job).

 

Where the focus should be is ease of activating security for the end user with proper documentation. However this will increase support massively and since Limetech has problems supporting the forum as is (problems is a bit strong... rather the community does most of the forum support) this is not an area to jump into lightly. What you and I take for granted many users will not have a clue about.

 

And that brings us full circle to the security vs. usability trade-off.

 

P.S. a default password is security through obscurity and a dubious improvement at best.

About all we can do as a user community is to suggest some "best practices" that may be ignored or applied as the individual owner decides.

-------------------------------------------------------------------------------------------------

For NO security:  

  Do not install a root password.

  Make all shares read/writeable.

 

  Result: Anybody/anything, including viruses, on any device on your network, or any that can access your network, can access/read/write/modify/delete any file on your unRAID server

-------------------------------------------------------------------------------------------------

For Some minimal security:  

  Install a poorly chosen root password.  (A poorly chosen password will be short, use a limited character set, or would be a word that exists in a dictionary)

  Make sure all user IDs have a password.  (Some others on unRAID besides root have no password)

  Make all shares read/writeable.

 

  Result: Anybody/anything, including viruses, on any device on your network, or any that can access your network, can access/read/write/modify/delete any file on your unRAID server

-------------------------------------------------------------------------------------------------

For better security:

  Install a strong root password. (A properly chosen password will be long, use a mixed character set, and would be a word that DOES NOT exist in a dictionary)

  Make all shares readable only.

 

  Result: Anybody/anything, including viruses, on any device on your network, or any that can access your network, can access/read any file on your unRAID server.

-------------------------------------------------------------------------------------------------

 

So... a root password does nothing to protect your banking records, or any sensitive data on your server.

-------------------------------------------------------------------------------------------------

For even better security:

      Install a strong root password. (A properly chosen password will be long, use a mixed character set, and would be a word that DOES NOT exist in a dictionary)

      Implement User Security, using a strong password.   Make specific shares accessible only to specific users.

 

     Result: Anybody/anything, including viruses, on any device on your network, or any that can access your network and that can pretend to be the valid user on your LAN, can access/read any file on your unRAID server.

------------------------------------------------------------------------------------------------

 

Conclusion, there is NO way to be completely secure unless EVERY device on your LAN is equally strong in protecting itself.  Any process that can access the LAN in any way will allow access to the weakest link.   Then, it is just a matter of escalating privileges.  

 

Simply adding a root password does NOTHING to protect your data.

Simply adding user-security does NOTHING to protect your data.

Any attempt to describe how to secure any NAS will be meaningless.     I suggest using "google" to search for best practices... Just be sure to include software attacks, firmware attacks, hardware attacks, and social engineering attacks in your search.  You need to secure EVERYTHING on your LAN.   If you have a network media player, it must be equally secure as your file-server.   To really be secure, the server must have NO connections to the outside world, be in a guarded/shielded room, using non-commercial power.

 

All that said... at the very least, be behind a router/firewall.   (Don't allow access to the unRAID server from the web)  If you have a wireless router, forget it, you are not secure to anyone who can access it.  You must secure everything... and that, for most people, even security professionals, is almost impossible.

 

It would be ill advised for Tom, or anyone else, to suggest how to secure an unRAID server.  There is only one possible solution that will be correct for any given user, and millions of bad solutions.  (This goes for ANY storage on ANY device on your LAN, so it is not just an unRAID issue)  The weakest link will let in a bad guy... and they're out there.

 

Joe L.

Valid points but I see no reason for unRAID to actually be the weakest link.  Root password and securing the web interface should be no brainers.

No argument there...  In fact, I agree with you 1000%.  I was just pointing out that a strong root password is not all you need.  (And that should secure the web-interface)

 

The problem is the weakest link is ourselves...  As soon as you download, view on the web, or in an editor, or a PDF reader, or listen to music through a media player, or install or execute anything on a PC on your LAN, you can be targeted.  The more secure you make it, the less user-friendly it becomes to your family.  You must decide a good balance for your situation.  unRAID out-of-the-box is a security nightmare for a business LAN.  I'm sure it can be secured, but I'm not the one to guide you.

 

Joe L.

 

Hence the reason you can simply add a password for root.

 

I agree with all the points Joe has made above.  When a root password is added the web interface does not load unless you enter it.  If one was put in by default there could be novice users that come here, get the password, and then never change it.

 

A way to combat this might be to require that a password be set when the web interface is first pulled up.  Using some form of password strength verification like PGP does might help to make novice users select a strong password.  BUT then you run into the whole usability vs. security thing again and many people have many different views on this subject.
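As an added example (not code from this thread, from Limetech, or from unRAID itself), the following Python script applies the two checks the posters are discussing: it lists accounts whose shadow-format entry has an empty password field (Joe L.'s point that other IDs besides root may have no password), and it scores a candidate password against his stated criteria (length, mixed character set, not a dictionary word), the kind of strength verification suggested for first use of the web interface. The shadow lines, the word list and the 12-character minimum are constructed assumptions.

```python
import re
import string

# Constructed sample in /etc/shadow format (name:hash:lastchange:...).
# An empty second field means the account can log in with no password.
SAMPLE_SHADOW = """root::15000:0:99999:7:::
nobody:*:15000:0:99999:7:::
tom:$6$saltsalt$NotARealHashJustAConstructedSample:15000:0:99999:7:::
guest::15000:0:99999:7:::
"""

# Tiny constructed word list standing in for a real dictionary file.
DICTIONARY = {"password", "unraid", "letmein", "server", "tower"}


def passwordless_accounts(shadow_text):
    """Return login names whose shadow entry has an empty password field."""
    found = []
    for line in shadow_text.splitlines():
        if not line.strip():
            continue
        fields = line.split(":")
        if len(fields) > 1 and fields[1] == "":
            found.append(fields[0])
    return found


def password_problems(pw, dictionary=DICTIONARY, min_len=12):
    """Apply the thread's three criteria; an empty list means the password passes."""
    problems = []
    if len(pw) < min_len:
        problems.append(f"shorter than {min_len} characters")
    classes = sum([
        any(c.islower() for c in pw),
        any(c.isupper() for c in pw),
        any(c.isdigit() for c in pw),
        any(c in string.punctuation for c in pw),
    ])
    if classes < 3:
        problems.append("uses fewer than three character classes")
    # Strip leading/trailing digits and symbols so "unraid123" still counts as a word.
    core = re.sub(r"^[^a-z]+|[^a-z]+$", "", pw.lower())
    if pw.lower() in dictionary or core in dictionary:
        problems.append("is a dictionary word")
    return problems


if __name__ == "__main__":
    print("accounts with no password:", passwordless_accounts(SAMPLE_SHADOW))
    for candidate in ("unraid123", "Correct-Horse9-Battery"):
        print(candidate, "->", password_problems(candidate) or "ok")
```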

A compromise could be a default password that is required to be changed and only allow su.

 

However before you do that you must change from telnet to SSH or it's pointless (and arguably worse than pointless as you are giving the password out to anyone who can listen).

 

And once you start down the slope every time someone suggests something we can come back and say "yes but you need to do this as well".

 

There is a lot to be said for not pretending to be secure like a lot of products do.

Or, require the password be initially set via the system console, and only the system console, and do not allow access to the web-management page other than to say a password must be set via the system console before the user may proceed.

 

Once the password is set, at least you are somewhat better off than now.  (Of course, since password entry from the web page is not currently over a secure link, it is still possible for someone to eavesdrop when the web page is invoked and a password supplied, so we need an SSL connection for the web page... as NAS said, it gets complicated fast.)

 

Joe L

  • 2 weeks later...

I've added a basic entry to the FAQ for securing an unRAID server, but I'm sure it can be improved.  Feel free to edit or expand.

  How do I secure my unRAID server?

 

I was rather surprised to find no mention of root passwords in the UnRAID Manual.  I'm sure that no one wants to take Tom away from development, but at some point someone HAS to work on updating the manual.

 

Or give some of us a little more access to the system so we can update what needs to be updated.
