Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Why can't I log in as 'root' over SSH if I disable the 'admin' user?

    Scheduled Pinned Locked Moved General pfSense Questions
    16 Posts 6 Posters 1.7k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • S
      scilek @NollipfSense
      last edited by

      @nollipfsense
      That was not the case prior to version 2.6.

      NollipfSenseN pttP 2 Replies Last reply Reply Quote 0
      • NollipfSenseN
        NollipfSense @scilek
        last edited by

        @scilek said in Why can't I log in as 'root' over SSH if I disable the 'admin' user?:

        @nollipfsense
        That was not the case prior to version 2.6.

        It has been since I joined pfSense just prior to v2.4.

        pfSense+ 23.09 Lenovo Thinkcentre M93P SFF Quadcore i7 dual Raid-ZFS 128GB-SSD 32GB-RAM PCI-Intel i350-t4 NIC, -Intel QAT 8950.
        pfSense+ 23.09 VM-Proxmox, Dell Precision Xeon-W2155 Nvme 500GB-ZFS 128GB-RAM PCIe-Intel i350-t4, Intel QAT-8950, P-cloud.

        S 1 Reply Last reply Reply Quote 0
        • V
          viragomann @scilek
          last edited by

          @scilek
          Go to System > User Manager > Users > admin and remove the WebCfg privileges from the user.

          S 1 Reply Last reply Reply Quote 1
          • pttP
            ptt Rebel Alliance @scilek
            last edited by

            @scilek said in Why can't I log in as 'root' over SSH if I disable the 'admin' user?:

            @nollipfsense
            That was not the case prior to version 2.6.

            https://forum.netgate.com/topic/169323/2-6-0-rc-bugs/6

            NollipfSenseN 1 Reply Last reply Reply Quote 1
            • S
              scilek @NollipfSense
              last edited by

              @nollipfsense
              I just connected to a router running version 2.5.2 to check. The admin user is disabled but I can still log in as root over SSH.

              1 Reply Last reply Reply Quote 0
              • S
                scilek @viragomann
                last edited by

                @viragomann
                I did that, but I can still log in to the web interface as admin.

                R 1 Reply Last reply Reply Quote 0
                • NollipfSenseN
                  NollipfSense @ptt
                  last edited by

                  @ptt said in Why can't I log in as 'root' over SSH if I disable the 'admin' user?:

                  @scilek said in Why can't I log in as 'root' over SSH if I disable the 'admin' user?:

                  @nollipfsense
                  That was not the case prior to version 2.6.

                  https://forum.netgate.com/topic/169323/2-6-0-rc-bugs/6

                  Okay, learned something new today as I have always used admin for webGUI and SSH.

                  pfSense+ 23.09 Lenovo Thinkcentre M93P SFF Quadcore i7 dual Raid-ZFS 128GB-SSD 32GB-RAM PCI-Intel i350-t4 NIC, -Intel QAT 8950.
                  pfSense+ 23.09 VM-Proxmox, Dell Precision Xeon-W2155 Nvme 500GB-ZFS 128GB-RAM PCIe-Intel i350-t4, Intel QAT-8950, P-cloud.

                  1 Reply Last reply Reply Quote 0
                  • R
                    rcoleman-netgate Netgate @scilek
                    last edited by

                    @scilek And it was fixed in v2.6/22.01

                    Ryan
                    Repeat, after me: MESH IS THE DEVIL! MESH IS THE DEVIL!
                    Requesting firmware for your Netgate device? https://go.netgate.com
                    Switching: Mikrotik, Netgear, Extreme
                    Wireless: Aruba, Ubiquiti

                    1 Reply Last reply Reply Quote 0
                    • stephenw10S
                      stephenw10 Netgate Administrator
                      last edited by

                      Just to be clear this was a bug in versions prior to 2.6:
                      https://redmine.pfsense.org/issues/12346

                      You should never have been able to login using a disabled account via SSH. It's now fixed.

                      Steve

                      S 1 Reply Last reply Reply Quote 0
                      • S
                        scilek @stephenw10
                        last edited by

                        @stephenw10
                        It was the most convenient bug in the history of computing.

                        1 Reply Last reply Reply Quote 1
                        • First post
                          Last post
                        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.