jeff-p4
Aug 1 2003, 02:21 PM
One of the first things everyone does is to change their admin and root passwords. Would it be even better to get rid of the "admin" user and create "someothername9#%" as the admin username? I would assume crackers would try first with the user admin but if this was gone they would have to brute force the username and the password instead of just the password.
Or is there some reason that one has to leave the user "admin" on a RedHat/Ensim server?
Or is there no reason to worry about renaming admin to something else?
smoker
Aug 1 2003, 04:43 PM
There would be a lot of other work involved with changing the admin username to some other name.
The server "admin" has certain privileges that may be disrupted if you start logging in as another user.
For instance, on Linux, the server admin can log in with ftp to other users' sites (up to a limit of 32 sites, I believe).
But I am basing this on the similar situation with root, so I could well be completely wrong.
On my FreeBSD system, there is no admin, because I set the username when I first installed it to something else.
The main thing about admin is that the admin is part of the group wheel (in BSD), which means admin has su privileges.
Need to look into this further...
alan
perldork
Aug 1 2003, 04:58 PM
Right. On FreeBSD there is a wheel group that specifies who can become root. On Linux you can configure PAM to do the same thing but it is not set up that way by default (at least the RS images are not set up that way), so changing the name of the admin user should have no effect.
You said you use Ensim. I know many people (me included) have changed the name of that account to something different with no ill side effects.
You can change the appliance admin name as well.
nejoom
Aug 1 2003, 05:08 PM
Hi Smoker,
I'm using redhat plain, so this might be different for other rackshack systems; others should comment. I simply delete the user admin as soon as possible, and change root password as soon as possible.
I see no reason to leave the "admin" user hanging around since it's a default rackshack user (on red hat out of box install there is no admin user login), has same password as !r00t!(default), and is mailed in plain text when you sign up (very insecure). Just (syntax errors permitting):
userdel admin
adduser someother
passwd someother
Also, although it is possible (don't know why), you can telnet into your box (sending pain text password, pun intended), basically broadcasting your system password to anyone who is taking the trouble to listen.
This is what I did first time round, got hacked (no idea if telnet was reason, because I have no log files, cause of a restore = clean install )-;
So use an ssh client (e.g. putty.exe on win), and disable telnet.
There is actually a debate going on if things can be more secured.
Read top forum links, and secure things up as soon as possible, share experience.
Erwin
Aug 1 2003, 06:50 PM
Just remove admin from the wheel, disable root login, add a different user to the wheel, and you should be good to go. That's what I've done.
jeff-p4
Aug 1 2003, 06:54 PM
QUOTE
Just remove admin from the wheel
Sorry to be dense, but what is "the wheel" and how do you remove or add users to it? Does "the wheel" apply to Ensim or only cPanel?
NeoVerve
Aug 1 2003, 08:17 PM
btw...
admin user is not stock on ensim...
none of our installs had an admin user
it must be a rackshack thing.
perldork
Aug 1 2003, 09:10 PM
Yes, the "admin" default account is definitely an RS-specific thing.
newuser
Aug 3 2003, 07:15 PM
One of the first things I do is delete user admin.
Everything should still work without it.
christyle
Aug 4 2003, 02:22 AM
If user: admin is deleted, can we add another user to take its place? If not, and we disabled direct root access, how do you get root access? Just su - from any other user?
Thanks for your time.
nejoom
Aug 4 2003, 04:27 AM
Hi christyle,
That's my tactic. I'm on redhat plain, and with this system you can just delete the admin user and add another with which you can secure shell the server. I assume this is valid for other systems.
Many threads advise not to log in directly as root, so you need at least a second shell user.
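Added example, not part of the original thread: a read-only check of the items the posters mention (the default admin account, wheel membership, direct root login over SSH, telnet). The sample files are constructed, and treating an xinetd service file as the place telnet is switched on or off is an assumption about the Red Hat setup discussed here.

```shell
#!/bin/sh
# Added example: audit the account settings discussed in the thread.
# Every function takes file paths, so it runs on copies or on live files.

# Accounts in wheel: listed members plus anyone whose primary GID is wheel's.
wheel_members() {  # $1 = group file, $2 = passwd file
    gid=$(awk -F: '$1 == "wheel" { print $3 }' "$1")
    {
        awk -F: '$1 == "wheel" { n = split($4, m, ","); for (i = 1; i <= n; i++) print m[i] }' "$1"
        if [ -n "$gid" ]; then awk -F: -v g="$gid" '$4 == g { print $1 }' "$2"; fi
    } | sort -u | paste -sd ' ' -
}

# Effective PermitRootLogin; sshd uses the first value it reads for a keyword.
root_login_setting() {  # $1 = sshd_config
    awk 'tolower($1) == "permitrootlogin" { print tolower($2); found = 1; exit }
         END { if (!found) print "unset" }' "$1"
}

# Succeeds if the named account is still in the passwd file.
account_exists() {  # $1 = passwd file, $2 = user name
    awk -F: -v u="$2" '$1 == u { f = 1 } END { exit !f }' "$1"
}

# Succeeds if the xinetd telnet file exists and lacks "disable = yes".
telnet_enabled() {  # $1 = xinetd service file (assumed location of the switch)
    [ -f "$1" ] && ! grep -Eiq '^[[:space:]]*disable[[:space:]]*=[[:space:]]*yes' "$1"
}

audit() {  # $1 = group, $2 = passwd, $3 = sshd_config, $4 = xinetd telnet file
    echo "wheel members:   $(wheel_members "$1" "$2")"
    echo "PermitRootLogin: $(root_login_setting "$3")"
    if account_exists "$2" admin; then echo "WARN: default admin account exists"; fi
    if telnet_enabled "$4"; then echo "WARN: telnet is enabled"; fi
}

# Constructed sample files, not taken from any real server.
d=$(mktemp -d); trap 'rm -rf "$d"' EXIT
printf '%s\n' 'root:x:0:root' 'wheel:x:10:root,admin' > "$d/group"
printf '%s\n' 'root:x:0:0::/root:/bin/bash' 'admin:x:500:500::/home/admin:/bin/bash' \
    'ops9:x:501:10::/home/ops9:/bin/bash' > "$d/passwd"
printf '%s\n' '#PermitRootLogin yes' 'permitrootlogin no' 'PermitRootLogin yes' > "$d/sshd_config"
printf '%s\n' 'service telnet' '{' '    disable = no' '}' > "$d/telnet"
audit "$d/group" "$d/passwd" "$d/sshd_config" "$d/telnet"
```

On a live server, pass the real files instead, for example `audit /etc/group /etc/passwd /etc/ssh/sshd_config /etc/xinetd.d/telnet`.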