Admin stores settings related to the administration settings for NG Firewall.
This table stores the administration accounts that can administer NG Firewall. Administrators have full administrator/root access to the NG Firewall server.
By default, there is only one admin account with the password set during the Setup Wizard. Other accounts can be created. This can be useful in a few scenarios:
- if you have multiple administrators and you wish to be able to distinguish who logged in at what time.
- you want to be able to easily disable/enable access for an administrator without changing the admin password.
Additional administrator accounts are also administrators. They also have full administrator/root access.
Allow HTTP Administration
If Allow HTTP Administration is checked, administration will be allowed on HTTP (unencrypted) on the primary address of non-WAN interfaces via each non-WAN interface on the port configured in Services. If unchecked then administration will not be allowed on HTTP, only on HTTPS.
Note: Unchecking Allow HTTP Administration does not actually close the HTTP port as this service is used for other functions like blockpages, Captive Portal, etc.
Note: HTTPS on WANs access is controlled in Config > Network > Advanced > Filter Rules > Access Rules. To enable, HTTPS administration on WANs (external) check the Allow HTTPS on WANs rule.
For convenience, when saving administrator account settings the "root" shell password is set to the the password of the admin account. If there is no admin account (because it was renamed to something else) then the root password is not set.
The root password is stored separately than administrator account passwords. It can be changed in the shell using passwd to any value. However if you modify the admin password the root password will be set to the new "admin" password when saved.
If you forget the "admin" password - follow the Password Recovery process to reset the administration login/password settings to default.