silly question -- root password.


Recommended Posts

hello world --

 

so i have rebuilt my box and the geek factor shot up (blinkenlights galore(!), etc), though i am not quite done yet.  waiting to see dell.ca sell those trayless bays (*) for ~15.99 CAD again so that i can buy two more and have a grand total of 12 possible drives in my box.  already ordered a syba 3132 card to "drive" them, soon i shall be ready to "pimp my rig".  :-)

 

this being said, i noticed that changing the root password does not "stick".  i would have thought that /etc/passwd resided on the flash drive, but apparently not with unraid (yes, you can egg me if i said something stupid).  i am now very embarrassed (sp?) to ask "i do i make a password change survive a reboot?"...

 

any feedback would be very appreciated.

 

cheers.

 

 

(*) http://www.redflagdeals.com/forums/dell-tuesday-report-startech-5-25-tray-less-sata-hot-swap-bay-15-99-hot-860941/

Link to comment

You could do as suggested as well, or at the terminal (physically with a keyboard and mouse), type the following:

 

passwd root

 

enter the desired password, confirm and it should hold. Reboot unraid and see.

That will depend upon when the emhttp interface copys the password and group files to the flash drive.  If it does those tasks upon shutdown, the password will hold.  If it does those tasks only when the web-management screen is used, then its copy of the password file in the config folder will be put into place the next time you reboot and your changes overwritten.
Link to comment

Are you trying to change it from the terminal or using the web interface?  Changing it from the web interface has always stuck for me.

 

i changed the password through the console, "as ${deity} intended it"; it never crossed my mind that i could change it through the web interface.

i just did a "password root", changed the password, tested it ok and assumed it was saved to flash.

i will try it from the web interface... (switches tab)... (right, the "users" tab)... (whoa!  it kicks in *right away*!)

 

ok, seems to work for now (can't reboot, doing a parity check), will let ${you} know what happens after a reboot.

 

 

 

Link to comment

hello out there --

 

so the moral of the story is: you change your root password via the web interface, not the console.

it is confirmed, at least for me.

 

now that i have gotten this out of the way, i.e. the most basic hardening (sp?) of my unraid box, i have to ask: is there some sort of hardening script, some recommended packages to run to help protect one's server?

since unraid is obviously not your usual linux os, i prefer to ask before i unwittingly do more harm than good whilst trying to secure my box.  others must have gone through this before, i prefer to learn from other's mistakes rather than adding mine to the stats.

 

cheers.

 

 

Link to comment

There is a few questions I have with regards to your inquiry tmp31416. In terms of security, are you referring to Terminal servicing, the file sharing security or the OS security?

 

The best way to securely Terminal service to a a server via puTTY and using SSH. Though this is an optional package and it's included in the unraid's OS by default. To install it, get unMENU installed, go to the Packages link and install OpenSSH.

 

In terms of File sharing security, you can create security to lock down or permit users access to specific rights to a share, see link below:

 

http://lime-technology.com/forum/index.php?topic=5569.0; and

 

http://lime-technology.com/forum/index.php?topic=5928.0;topicseen

 

In terms of the OS security, unraid is a minimal Slackware Linux OS (as you probably know). Linux itself is quite secure to vulnerabilities, greatly much more than a Windows-based OS. To my knowledge, unraid does not have a firewall embedded into the OS (being that it is a stripped down OS, lots of features and standard packages would of been culled to make it as minimal as possible). I guess if this is what you're inquiring, I suppose you could find a Slackware-compatible firewall that you can install to strengthen the OS security side of things, but others might argue advising against doing this.

Personally I wouldn't bother doing the latter and would recommend that you have your unraid server placed behind a good firewall if you're server is exposed on a insecure internet connection, etc....

 

Hope this helps.

Link to comment

The best way to securely Terminal service to a a server via puTTY and using SSH. Though this is an optional package and it's included in the unraid's OS by default.

To install it, get unMENU installed, go to the Packages link and install OpenSSH.

I'm just wondering.... Why do I have to install unMENU in order to install OpenSSH?  Can't I simply install OpenSSH?

cd /boot/packages
wget ftp://slackware.osuosl.org/pub/slackware/slackware-current/slackware/n/openssh-*.t?z
installpkg /boot/packages/openssh-*.t?z
echo 'installpkg /boot/packages/openssh-*.t?z' >> /boot/config/go

 

Link to comment

You don't have to as you know and which you have clearly pointed out purko. My suggestion is 'one way' to easily get OpenSSH on your server.

Your suggestion as another way, which doesn't require the install of unMENU, which is good to know as well.

There's a suggstion as another way, which doesn't require the install of full Slackware either.

Don't sweat it! :)

 

Link to comment

Hi purko. Out of testing (on a unraid rig without unMENU) I tried what you suggested below and it seems that the openssh service doesn't work. I can still telnet fine and it seems that the package was downloaded to the '/boot/packages' and I used the echo command to have the execution on the package install at startup via the go script, but I can get it to work. I use puTTY and verify I select SSH over the other protocols. Any suggestions? Thanks.

 

The best way to securely Terminal service to a a server via puTTY and using SSH. Though this is an optional package and it's included in the unraid's OS by default.

To install it, get unMENU installed, go to the Packages link and install OpenSSH.

I'm just wondering.... Why do I have to install unMENU in order to install OpenSSH?  Can't I simply install OpenSSH?

cd /boot/packages
wget ftp://slackware.osuosl.org/pub/slackware/slackware-current/slackware/n/openssh-*.t?z
installpkg /boot/packages/openssh-*.t?z
echo 'installpkg /boot/packages/openssh-*.t?z' >> /boot/config/go

 

Link to comment

Hi purko. Out of testing (on a unraid rig without unMENU) I tried what you suggested below and it seems that the openssh service doesn't work. I can still telnet fine and it seems that the package was downloaded to the '/boot/packages' and I used the echo command to have the execution on the package install at startup via the go script, but I can get it to work. I use puTTY and verify I select SSH over the other protocols. Any suggestions? Thanks.

 

Hi unraided.  openssh depends on openssl-solibs. 

Just get the openssl-solibs package from the same place where you got the openssh package.

You'll also want to make your key files from  /etc/ssh/  persistent on your flash disk.

 

Link to comment

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.