This topic has been marked solved and closed to new posts due to inactivity. We hope you'll join the conversation by posting to an open topic or starting a new one.
I want to enable SSH to use SFTP (with FreeFileSync) to automate synchronisation between two NAS' in separate geolocations (i can post instructions if anyone interested)
I have read about how to use public / private key encryption (rather than SSH via password) and just wanted to check a point on security.
If I create a specific user account and only enable SSH shell access via this user, I presume 'root' is not automatically enabled. This would only be the case if I enabled SSH for the admin user - is this correct? Or does enabling SSH for ANY user enable root access?
"The root password for SSH is the same as the admin user. Change from the default for security purposes. Not changing the default password and enabling SSH leaves you vulnerable to attack."
I still dont get what that last precautionary bullet is trying to warn against though.
It's saying two things. First, that if you want to access the linux shell via ssh you should use "root" as the username instead of "admin" - using the NAS admin password.
Second (the warning bit), that it is a really bad idea to leave that NAS admin password set to the default value of password. Even if you don't enable ssh you shouldn't use the default password.
The root access is disabled by default when you create a local user. The user will only have root access when you enable the 'Allow shell access' for that user.
We’d greatly appreciate hearing your feedback letting us know if the information we provided has helped resolve your issue or if you need further assistance.
If your issue is now resolved, we encourage you to mark the appropriate reply as the “Accept as Solution” or post what resolved it and mark it as solution so others can be confident in benefiting from the solution.
The Netgear community looks forward to hearing from you and being a helpful resource in the future!
Thanks for your reply. I understand root access is enabled for that user when checking the "enable shell access" option.
I have created a specific user to use with my remote SSH access, allow shell access and set a public / private key combination, disabled password access for this user and set the port forward from a high external port number.
"The root password for SSH is the same as the admin user. Change from the default for security purposes. Not changing the default password and enabling SSH leaves you vulnerable to attack."
And i thought this means root password for any user maps to the admin password - however writing this down makes me feel slightly stupid now. I still dont get what that last precautionary bullet is trying to warn against though.
Thanks.
Jon
Model: RN10400|ReadyNAS 100 Series 4-Bay (Diskless)
"The root password for SSH is the same as the admin user. Change from the default for security purposes. Not changing the default password and enabling SSH leaves you vulnerable to attack."
I still dont get what that last precautionary bullet is trying to warn against though.
It's saying two things. First, that if you want to access the linux shell via ssh you should use "root" as the username instead of "admin" - using the NAS admin password.
Second (the warning bit), that it is a really bad idea to leave that NAS admin password set to the default value of password. Even if you don't enable ssh you shouldn't use the default password.
