Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Why can't I log in as 'root' over SSH if I disable the 'admin' user?

    General pfSense Questions
    6
    16
    858
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • NollipfSenseN
      NollipfSense @scilek
      last edited by

      @scilek said in Why can't I log in as 'root' over SSH if I disable the 'admin' user?:

      @nollipfsense
      Yes, I know, but why can't I log in as root through SSH anymore?

      So, did you enabled it again and reboot?

      pfSense+ 23.09 Lenovo Thinkcentre M93P SFF Quadcore i7 dual Raid-ZFS 128GB-SSD 32GB-RAM PCI-Intel i350-t4 NIC, -Intel QAT 8950.
      pfSense+ 23.09 VM-Proxmox, Dell Precision Xeon-W2155 Nvme 500GB-ZFS 128GB-RAM PCIe-Intel i350-t4, Intel QAT-8950, P-cloud.

      S 1 Reply Last reply Reply Quote 0
      • S
        scilek @NollipfSense
        last edited by

        @nollipfsense

        Yes I did. But want to disable the admin user on the web interface but enable the root user on SSH.

        NollipfSenseN V 2 Replies Last reply Reply Quote 0
        • NollipfSenseN
          NollipfSense @scilek
          last edited by

          @scilek said in Why can't I log in as 'root' over SSH if I disable the 'admin' user?:

          @nollipfsense

          Yes I did. But want to disable the admin user on the web interface but enable the root user on SSH.

          Do you understand that "admin" is "root" if you disable admin webGUI, you also disable root for SSH?

          pfSense+ 23.09 Lenovo Thinkcentre M93P SFF Quadcore i7 dual Raid-ZFS 128GB-SSD 32GB-RAM PCI-Intel i350-t4 NIC, -Intel QAT 8950.
          pfSense+ 23.09 VM-Proxmox, Dell Precision Xeon-W2155 Nvme 500GB-ZFS 128GB-RAM PCIe-Intel i350-t4, Intel QAT-8950, P-cloud.

          S 1 Reply Last reply Reply Quote 0
          • S
            scilek @NollipfSense
            last edited by

            @nollipfsense
            That was not the case prior to version 2.6.

            NollipfSenseN pttP 2 Replies Last reply Reply Quote 0
            • NollipfSenseN
              NollipfSense @scilek
              last edited by

              @scilek said in Why can't I log in as 'root' over SSH if I disable the 'admin' user?:

              @nollipfsense
              That was not the case prior to version 2.6.

              It has been since I joined pfSense just prior to v2.4.

              pfSense+ 23.09 Lenovo Thinkcentre M93P SFF Quadcore i7 dual Raid-ZFS 128GB-SSD 32GB-RAM PCI-Intel i350-t4 NIC, -Intel QAT 8950.
              pfSense+ 23.09 VM-Proxmox, Dell Precision Xeon-W2155 Nvme 500GB-ZFS 128GB-RAM PCIe-Intel i350-t4, Intel QAT-8950, P-cloud.

              S 1 Reply Last reply Reply Quote 0
              • V
                viragomann @scilek
                last edited by

                @scilek
                Go to System > User Manager > Users > admin and remove the WebCfg privileges from the user.

                S 1 Reply Last reply Reply Quote 1
                • pttP
                  ptt Rebel Alliance @scilek
                  last edited by

                  @scilek said in Why can't I log in as 'root' over SSH if I disable the 'admin' user?:

                  @nollipfsense
                  That was not the case prior to version 2.6.

                  https://forum.netgate.com/topic/169323/2-6-0-rc-bugs/6

                  NollipfSenseN 1 Reply Last reply Reply Quote 1
                  • S
                    scilek @NollipfSense
                    last edited by

                    @nollipfsense
                    I just connected to a router running version 2.5.2 to check. The admin user is disabled but I can still log in as root over SSH.

                    1 Reply Last reply Reply Quote 0
                    • S
                      scilek @viragomann
                      last edited by

                      @viragomann
                      I did that, but I can still log in to the web interface as admin.

                      R 1 Reply Last reply Reply Quote 0
                      • NollipfSenseN
                        NollipfSense @ptt
                        last edited by

                        @ptt said in Why can't I log in as 'root' over SSH if I disable the 'admin' user?:

                        @scilek said in Why can't I log in as 'root' over SSH if I disable the 'admin' user?:

                        @nollipfsense
                        That was not the case prior to version 2.6.

                        https://forum.netgate.com/topic/169323/2-6-0-rc-bugs/6

                        Okay, learned something new today as I have always used admin for webGUI and SSH.

                        pfSense+ 23.09 Lenovo Thinkcentre M93P SFF Quadcore i7 dual Raid-ZFS 128GB-SSD 32GB-RAM PCI-Intel i350-t4 NIC, -Intel QAT 8950.
                        pfSense+ 23.09 VM-Proxmox, Dell Precision Xeon-W2155 Nvme 500GB-ZFS 128GB-RAM PCIe-Intel i350-t4, Intel QAT-8950, P-cloud.

                        1 Reply Last reply Reply Quote 0
                        • R
                          rcoleman-netgate Netgate @scilek
                          last edited by

                          @scilek And it was fixed in v2.6/22.01

                          Ryan
                          Repeat, after me: MESH IS THE DEVIL! MESH IS THE DEVIL!
                          Requesting firmware for your Netgate device? https://go.netgate.com
                          Switching: Mikrotik, Netgear, Extreme
                          Wireless: Aruba, Ubiquiti

                          1 Reply Last reply Reply Quote 0
                          • stephenw10S
                            stephenw10 Netgate Administrator
                            last edited by

                            Just to be clear this was a bug in versions prior to 2.6:
                            https://redmine.pfsense.org/issues/12346

                            You should never have been able to login using a disabled account via SSH. It's now fixed.

                            Steve

                            S 1 Reply Last reply Reply Quote 0
                            • S
                              scilek @stephenw10
                              last edited by

                              @stephenw10
                              It was the most convenient bug in the history of computing.

                              1 Reply Last reply Reply Quote 1
                              • First post
                                Last post