- SSH user as per sigle posible config from the Dashbord is “sshd”.
I can live with this.
When I log in with ssh I give it the user “sshd” and then the passw and I log in.
Now I am logedin with root not “sshd”. ( used id -u -n to get the current user).
Why is this? I give the “sshd” user and I get logedin with “root”?
Don’t worry about this - you are effectively logged in as root - that is the highest level of security you can log in as. The sshd is just an alias to root - but you cannot log in as root user - just as a security precaution.
- I looked in the ssh config file and I can see that the only allowed users over SSH are “root” and “sshd”.
Problem: as I never changed the root passw I asume it has the default one.
I wonder if I enable SSH access from the web to my EX2 how long will it take for some one that knows the default password for root to break in my EX2.
So is it ok if I change the passw for “root”, or if I edit the SSH seting to remove “root” from the allowed users? (from a warranty point of view).
You are required to set the password for sshd when you turn the SSH to ON from the dashboard and click the Configure link right next to the On/Off button. As far as I know, there isn’t a default password for sshd - you MUST set one yourself at the time of turning SSH access on. So changing the password for SSH is not going to void your warranty - rather you are required to set a password for SSH access…for your own security.
Not sure what you mean by “enable SSH access from web” - SSH is on port 22 and web access is usually port 80…so that is not possible. If you meant enabling SSH access from the Internet, well, there is no automatic/simple/easy way to enable SSH access from the Internet - you will have to setup port forwarding on port 22. But if you do setup port forwarding on port 22, you are opening your system up to a potential security breach…BUT even then unless you set a very short, simple password (a very foolish thing to do), no one can easily breach it by brute force. My advice - don’t plan on doing SSH access from outside your network (and therefore don’t setup port forwarding on port 22)…unless you are planning on doing SFTP access from outside using the sshd user.