Admin: Difference between revisions
No edit summary |
No edit summary |
||
| Line 1: | Line 1: | ||
<span style="display:none" class="helpSource administration_admin">Admin</span> | <span style="display:none" class="helpSource administration_admin">Admin</span> | ||
Admin stores settings related to the administration settings for | Admin stores settings related to the administration settings for NG Firewall. | ||
{{TriScreenshot|config|administration|admin}} | {{TriScreenshot|config|administration|admin}} | ||
| Line 7: | Line 7: | ||
== Admin Accounts == | == Admin Accounts == | ||
This table stores the administration accounts that can administer | This table stores the administration accounts that can administer NG Firewall. | ||
Administrators have full administrator/root access to the | Administrators have full administrator/root access to the NG Firewall server. | ||
By default, there is only one ''admin'' account with the password set during the [[Setup Wizard]]. | By default, there is only one ''admin'' account with the password set during the [[Setup Wizard]]. | ||
Latest revision as of 16:11, 3 May 2022
Admin stores settings related to the administration settings for NG Firewall.
Admin Accounts
This table stores the administration accounts that can administer NG Firewall. Administrators have full administrator/root access to the NG Firewall server.
By default, there is only one admin account with the password set during the Setup Wizard. Other accounts can be created. This can be useful in a few scenarios:
- if you have multiple administrators and you wish to be able to distinguish who logged in at what time.
- you want to be able to easily disable/enable access for an administrator without changing the admin password.
Additional administrator accounts are also administrators. They also have full administrator/root access.
Allow HTTP Administration
If Allow HTTP Administration is checked, administration will be allowed on HTTP (unencrypted) on the primary address of non-WAN interfaces via each non-WAN interface on the port configured in Services. If unchecked then administration will not be allowed on HTTP, only on HTTPS.
Note: Unchecking Allow HTTP Administration does not actually close the HTTP port as this service is used for other functions like blockpages, Captive Portal, etc.
Note: HTTPS on WANs access is controlled in Config > Network > Advanced > Filter Rules > Access Rules. To enable, HTTPS administration on WANs (external) check the Allow HTTPS on WANs rule.
Root
For convenience, when saving administrator account settings the "root" shell password is set to the the password of the admin account. If there is no admin account (because it was renamed to something else) then the root password is not set.
The root password is stored separately than administrator account passwords. It can be changed in the shell using passwd to any value. However if you modify the admin password the root password will be set to the new "admin" password when saved.
Password Recovery
If you forget the "admin" password - follow the Password Recovery process to reset the administration login/password settings to default.
