New to rockstor. Just did my first install on some new hardware. Setup my user account and password. Reading the docs, it seems that I should be able to SSH into the box. When I ssh to the box I get a prompt, but my password doesn’t work.
I added my public key (through the web gui), but still get the password prompt. Any suggestions?
Welcome to Rockstor community @nfarrar!
ssh login access is restricted to root user only. With your setup you should be able to sftp as your user. But not ssh login.
I don’t remember setting a root password during the install - just the password for my user account. When I attempt to ssh to the box as the root user - none of the passwords I ‘might have used if I forgot’ work. No idea what it is. Also, when I check the users, the root user exists, but no shell is set.
Also, these docs say that any ‘admin’ user has ssh access: http://rockstor.com/blog/uncategorized/using-the-rockstor-command-line-interface/. Sounds like that’s incorrect?
root password is required for installation to proceed, but it’s not uncommon for us to forget the password 
Here’s the howto to reset the root password. That should help you regain root access to your Rockstor system.
Thanks for pointing out the outdated blog post, I’ve updated the post to reflect the current status.
Old thread - sorry, haven’t worked on this for awhile. I ended up getting root access back.
So - I’m in, but a couple other questions about the ssh configuration.
First - why is ssh access restricted to root? Are there specific reasons? In most circumstances, I prefer to disallow root logins (and password logins) and restrict specific users to key authentication only, with privilege escalation via sudo required with command logging. Generally, this is consistent with best security practices.
That being said - I didn’t find any documentation on why this is the way it is, or if I’ll break things (I’d rather not) by modifying this setup. Looking at /etc/ssh/sshd_config - I see:
#PermitRootLogin yes
#PubkeyAuthentication yes
# To disable tunneled clear text passwords, change to no here!
#PasswordAuthentication yes
#PermitEmptyPasswords no
PasswordAuthentication yes
###BEGIN: Rockstor SFTP CONFIG. DO NOT EDIT BELOW THIS LINE###
AllowUsers root
I’d like to change this to something more like:
PermitRootLogin no
PubkeyAuthentication yes
# To disable tunneled clear text passwords, change to no here!
PasswordAuthentication no
PermitEmptyPasswords no
PasswordAuthentication no
###BEGIN: Rockstor SFTP CONFIG. DO NOT EDIT BELOW THIS LINE###
AllowUsers nfarrar
But I have no idea what this might break. Suggestions?
this will not break anything, this will actually do just what you want , my reccomendation is do the following
sudo vi /etc/ssh/sshd_config
edit line
AllowUsers root nfarrar
save and exit by pushing esc then :wq
then restart the ssh service
sudo systemctl restart sshd
you should now be able to ssh into the machine
to have sudo access with the nfarrar account
ssh as root then use
usermod -aG wheel nfarrar
and
usermod -aG root nfarrar
this will add the account as a root user