I’m using a vanilla Webmin / Virtualmin 3.93 GPL version on Centos 6. I’ve created a new user that has full privileges on Webmin, so now I want to disallow root from logging in, as obviously it could be a security issue.
Does anyone know how to do this? There must be an option for this somewhere but maybe I can’t see the wood for the trees.
I’ve disabled root SSH login manually, but I still can login to Webmin using the root account.
Thanks to #Charles for the pointers.
To remove the root user from Webmin, log in as a user with administrator privileges and click on Webmin -> Webmin Users.
In the list of users, either delete or remove all privileges from the root user.
After removing that user I could log in as my new administrator user and administer the server but not log in as root.
Problem solved, security through obscurity but still better than nothing.
Click on the Webmin tab, expand the Webmin section and select Webmin User. Then select the root user. Expand Security and Limit Options and select Only allow from listed addresses for IP Access Control. Enter the loopback address(127.0.0.1) into the field. The root user will still exist, but will be unable to login.
In Webmin -> Webmin Users click root and rename it to the username you use.
Related
I recently logged into myphpadmin through the xampp control panel so that I could add a new user to a database. I logged in as root as I always have but now I get a warning that says "You do not have the privileges to administrate the users!" My config.inc.php has the 'auth_type' set to config. I tried setting it to "cookie" and "http" as I found as suggestions on here but it doesn't seem to change anything. I need to be able to add users and change permissions. Any ideas?
I was eventually able to work this out by logging into phpMyAdmin and then typing the following into the SQL cmd window:
GRANT ALL PRIVILEGES ON *.* TO 'root'#'localhost'; FLUSH PRIVILEGES;
Hopefully this will help someone else having this problem as well.
Please guys help me, I want prevent my old developer from access to my VPS,WHM and cPanel what I should do. I don't want to lose my work.
I saw there is password for Virtuozzo Power Panel, WHM and cPanel there is my thing i need to change it.
like how I know if he have SSH access or not. or any recovery can he recover the passwords
If you have given Password, SSH and FTP access to your developer you can consider doing the following:
Change your WHM's root password
Change all of your cPanel accounts' passwords (or those that your
developer had access to, if he had access to the whole WHM - you
might want to change all passwords)
Make sure there aren't any authorized SSH keys for the root user.
This can be seen through WHM's interface, docs here
Make sure there aren't any authized SSH keys for any cPanel user as
well. This can be done through each cPanel account's SSH Access
tool
Check all cPanel accounts for unauthorized FTP accounts.
You can also take a look at the cron jobs that are running as well.
Ultimatively you should also consider looking for any backdoors that
might be present in the scripts that your developer was working on.
I'm new to WHM, cPanel, and CentOS.
I install WHM then create an account for domain app.example.com and user peter
I point the domain name to right IP address but when I run my website app.example.com I got HTTP ERROR 500
Via SSH I log into the server and I find my previous uploaded code into
/home/peter/public_html
Then I run command sudo chown -R peter:peter /home/peter/public_html
and when I look at folders permission and owner they looks like:
I think my HTTP ERROR 500 is about user permission.
Can please help me to add right privileges to a user or what I need to do to my public_html folder be visible to the world (at browser).
What I need to do?
The best thing to know if it's a permissions problem, a bug in the programming of the web application or to see what really happens, is that you look at the log file of the web server (apache, nginx, the one you use). The log will give you more clues. Could you copy the log output when the error occurs?
It seems some required extensions were not activate or had been removed from your VPS. You should check and install/activate them. Then you can test your website again.
P.S: Sorry for my bad english
Thanks for reading my question.
I have a big issue with SSH on my server;
I've disabled a month ago "root" access via SSH
Created a new user called "admin", added it to the wheel group and su root priviliges
This way, I will need to login with "admin" user only ...
But, but, the problem is NOW : I forgot the "admin" PASSWORD...
Is there anyway to fix this problem via WHM or SSH... ?
Regards,
It's not possible to change your admin pass through WHM. But I will suggest you please create one test account through WHM and enable shall access for that user, And after that you can add that user in wheel group and login SSH with that user password. After that you can reset the admin pass through root user.
Here is the best solution:
go to your Google Cloud account on deployment manager click to Opne SSH
follow this steps:
$ sudo passwd
New Password:______________
retype NewPassword :_______________
I spent some time logged into a server (Debian) trying to get Samba access to work better from my Mac.
After logging out and attempting to log back in I was unable to log in using my private key which has been working for years.
Private key login worked for another user from the same client machine, and I was able to modify the sshd.config to allow password login so that I could log back onto the server.
What could I have done to break the keyed login just for my username and why?
I was messing around with creating a Samba password for my username, and I also made my home folder 777 to try to get write access working from Samba. (This was NOT a recursive chmod so the folders below are not 777.)
Your home directory should never be ugo+rwx (777). You should not allow other users to write to your home directory. The ssh daemon checks for file system permissions and will refuse to use the contents of ~/.ssh/ if it or its parent (~/) is writable by other users.
See http://www.openssh.org/faq.html question # 3.14.
Also see 'man sshd_config' and StrictModes (don't turn it off).
Hope this helps.
You can turn on logging in your sshd config if it isn't already. That'll tell you exactly what went wrong. It's often a permission problem on the files in ~/.ssh
The logfile is usually in either /var/log/secure or /var/log/auth.log
There is another possibility that none of the earlier answers have raised: SELinux. If this is active, it will prevent the .ssh folder from being accessed via a Samba share.
It is easy to test: temporarily disable SELinux ("setenforce 0") and see if the .ssh folder can be accessed.