tmp31416 Posted April 5, 2010 Share Posted April 5, 2010 hello world -- so i have rebuilt my box and the geek factor shot up (blinkenlights galore(!), etc), though i am not quite done yet. waiting to see dell.ca sell those trayless bays (*) for ~15.99 CAD again so that i can buy two more and have a grand total of 12 possible drives in my box. already ordered a syba 3132 card to "drive" them, soon i shall be ready to "pimp my rig". :-) this being said, i noticed that changing the root password does not "stick". i would have thought that /etc/passwd resided on the flash drive, but apparently not with unraid (yes, you can egg me if i said something stupid). i am now very embarrassed (sp?) to ask "i do i make a password change survive a reboot?"... any feedback would be very appreciated. cheers. (*) http://www.redflagdeals.com/forums/dell-tuesday-report-startech-5-25-tray-less-sata-hot-swap-bay-15-99-hot-860941/ Quote Link to comment
barrettj Posted April 5, 2010 Share Posted April 5, 2010 Are you trying to change it from the terminal or using the web interface? Changing it from the web interface has always stuck for me. Quote Link to comment
unraided Posted April 5, 2010 Share Posted April 5, 2010 You could do as suggested as well, or at the terminal (physically with a keyboard and mouse), type the following: passwd root enter the desired password, confirm and it should hold. Reboot unraid and see. Quote Link to comment
Joe L. Posted April 5, 2010 Share Posted April 5, 2010 You could do as suggested as well, or at the terminal (physically with a keyboard and mouse), type the following: passwd root enter the desired password, confirm and it should hold. Reboot unraid and see. That will depend upon when the emhttp interface copys the password and group files to the flash drive. If it does those tasks upon shutdown, the password will hold. If it does those tasks only when the web-management screen is used, then its copy of the password file in the config folder will be put into place the next time you reboot and your changes overwritten. Quote Link to comment
tmp31416 Posted April 6, 2010 Author Share Posted April 6, 2010 Are you trying to change it from the terminal or using the web interface? Changing it from the web interface has always stuck for me. i changed the password through the console, "as ${deity} intended it"; it never crossed my mind that i could change it through the web interface. i just did a "password root", changed the password, tested it ok and assumed it was saved to flash. i will try it from the web interface... (switches tab)... (right, the "users" tab)... (whoa! it kicks in *right away*!) ok, seems to work for now (can't reboot, doing a parity check), will let ${you} know what happens after a reboot. Quote Link to comment
tmp31416 Posted April 6, 2010 Author Share Posted April 6, 2010 (snip) i just did a "password root", changed the password, tested it ok and assumed it was saved to flash. (snip) of course, i meant "passwd", not "password". sorry for the brain-fart. Quote Link to comment
unraided Posted April 6, 2010 Share Posted April 6, 2010 No worries tmp31416. It would be interesting whether you can do the password change from the web interface now. Do you parity check and keep us posted. Joe L's explanation is great on how the password it retained in unraid. Quote Link to comment
tmp31416 Posted April 7, 2010 Author Share Posted April 7, 2010 hello out there -- so the moral of the story is: you change your root password via the web interface, not the console. it is confirmed, at least for me. now that i have gotten this out of the way, i.e. the most basic hardening (sp?) of my unraid box, i have to ask: is there some sort of hardening script, some recommended packages to run to help protect one's server? since unraid is obviously not your usual linux os, i prefer to ask before i unwittingly do more harm than good whilst trying to secure my box. others must have gone through this before, i prefer to learn from other's mistakes rather than adding mine to the stats. cheers. Quote Link to comment
Joe L. Posted April 7, 2010 Share Posted April 7, 2010 see here for some ideas: http://lime-technology.com/forum/index.php?topic=4923.msg45861#msg45861 Quote Link to comment
unraided Posted April 7, 2010 Share Posted April 7, 2010 There is a few questions I have with regards to your inquiry tmp31416. In terms of security, are you referring to Terminal servicing, the file sharing security or the OS security? The best way to securely Terminal service to a a server via puTTY and using SSH. Though this is an optional package and it's included in the unraid's OS by default. To install it, get unMENU installed, go to the Packages link and install OpenSSH. In terms of File sharing security, you can create security to lock down or permit users access to specific rights to a share, see link below: http://lime-technology.com/forum/index.php?topic=5569.0; and http://lime-technology.com/forum/index.php?topic=5928.0;topicseen In terms of the OS security, unraid is a minimal Slackware Linux OS (as you probably know). Linux itself is quite secure to vulnerabilities, greatly much more than a Windows-based OS. To my knowledge, unraid does not have a firewall embedded into the OS (being that it is a stripped down OS, lots of features and standard packages would of been culled to make it as minimal as possible). I guess if this is what you're inquiring, I suppose you could find a Slackware-compatible firewall that you can install to strengthen the OS security side of things, but others might argue advising against doing this. Personally I wouldn't bother doing the latter and would recommend that you have your unraid server placed behind a good firewall if you're server is exposed on a insecure internet connection, etc.... Hope this helps. Quote Link to comment
purko Posted April 7, 2010 Share Posted April 7, 2010 The best way to securely Terminal service to a a server via puTTY and using SSH. Though this is an optional package and it's included in the unraid's OS by default. To install it, get unMENU installed, go to the Packages link and install OpenSSH. I'm just wondering.... Why do I have to install unMENU in order to install OpenSSH? Can't I simply install OpenSSH? cd /boot/packages wget ftp://slackware.osuosl.org/pub/slackware/slackware-current/slackware/n/openssh-*.t?z installpkg /boot/packages/openssh-*.t?z echo 'installpkg /boot/packages/openssh-*.t?z' >> /boot/config/go Quote Link to comment
unraided Posted April 7, 2010 Share Posted April 7, 2010 You don't have to as you know and which you have clearly pointed out purko. My suggestion is 'one way' to easily get OpenSSH on your server. Your suggestion as another way, which doesn't require the install of unMENU, which is good to know as well. Quote Link to comment
purko Posted April 7, 2010 Share Posted April 7, 2010 You don't have to as you know and which you have clearly pointed out purko. My suggestion is 'one way' to easily get OpenSSH on your server. Your suggestion as another way, which doesn't require the install of unMENU, which is good to know as well. There's a suggstion as another way, which doesn't require the install of full Slackware either. Don't sweat it! Quote Link to comment
unraided Posted April 7, 2010 Share Posted April 7, 2010 Na no sweat man, (it isn't hot enough ) That is the great thing about this forum, you share ideas and learn them as you go, even when you help others . Thanks. Quote Link to comment
unraided Posted April 10, 2010 Share Posted April 10, 2010 Hi purko. Out of testing (on a unraid rig without unMENU) I tried what you suggested below and it seems that the openssh service doesn't work. I can still telnet fine and it seems that the package was downloaded to the '/boot/packages' and I used the echo command to have the execution on the package install at startup via the go script, but I can get it to work. I use puTTY and verify I select SSH over the other protocols. Any suggestions? Thanks. The best way to securely Terminal service to a a server via puTTY and using SSH. Though this is an optional package and it's included in the unraid's OS by default. To install it, get unMENU installed, go to the Packages link and install OpenSSH. I'm just wondering.... Why do I have to install unMENU in order to install OpenSSH? Can't I simply install OpenSSH? cd /boot/packages wget ftp://slackware.osuosl.org/pub/slackware/slackware-current/slackware/n/openssh-*.t?z installpkg /boot/packages/openssh-*.t?z echo 'installpkg /boot/packages/openssh-*.t?z' >> /boot/config/go Quote Link to comment
prostuff1 Posted April 10, 2010 Share Posted April 10, 2010 You might need the open ssl package, and you will also need to "set up" ssh. with your keys and the like. Look through the unmenu .conf file for the ssh package. That should tell you what you need to do. Quote Link to comment
purko Posted April 10, 2010 Share Posted April 10, 2010 Hi purko. Out of testing (on a unraid rig without unMENU) I tried what you suggested below and it seems that the openssh service doesn't work. I can still telnet fine and it seems that the package was downloaded to the '/boot/packages' and I used the echo command to have the execution on the package install at startup via the go script, but I can get it to work. I use puTTY and verify I select SSH over the other protocols. Any suggestions? Thanks. Hi unraided. openssh depends on openssl-solibs. Just get the openssl-solibs package from the same place where you got the openssh package. You'll also want to make your key files from /etc/ssh/ persistent on your flash disk. Quote Link to comment
unraided Posted April 10, 2010 Share Posted April 10, 2010 Thanks prostuff1 and purko, I'll try and suggested and report back. Thank you both. Quote Link to comment
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.