How to require a CLI password?

  • Hi I can't find an answer to this so hopefully this is the right place.


    I'm running OMV2.2. Right now if I do CTRL+C after boot I'm in as root. I understand it's useful in some cases but also a big security hole in others.


    Can I require user/password authentication for CLI? I recall this was done in OMV3 by default but I can't upgrade yet.


    Please let me know


    thanks

  • Exactly in what interface are you seeing this?

    --
    Google is your friend and Bob's your uncle!


    OMV AMD64 7.x on headless Chenbro NR12000 1U 1x 8m Quad Core E3-1220 3.1GHz 32GB ECC RAM.

    • Offizieller Beitrag

    ctrl-c when? At the login prompt? Something doesn't sound right.


    And if someone has access to your hardware, security is pointless. You can boot a live linux distro and have full root access to everything (unless it is encrypted).

    omv 7.0.4-2 sandworm | 64 bit | 6.5 proxmox kernel

    plugins :: omvextrasorg 7.0 | kvm 7.0.10 | compose 7.1.2 | k8s 7.0-6 | cputemp 7.0 | mergerfs 7.0.3


    omv-extras.org plugins source code and issue tracker - github


    Please try ctrl-shift-R and read this before posting a question.

    Please put your OMV system details in your signature.
    Please don't PM for support... Too many PMs!

  • The command Line interface straight out of the VGA or HDMI port. To give an idea, like in Ubuntu when you disable the Desktop, it boots to a simple text-based login/pwd screen.


    In my case it shows the IP address of the unit. Then if I hit CTRL+C I'm in as root without entering any password. How do I prevent this?


    thanks!

    • Offizieller Beitrag

    None of my boxes - OMV 2.x, OMV 3.x or any other Linux distro - do this. I don't even know how (or why) someone would set this up.

    omv 7.0.4-2 sandworm | 64 bit | 6.5 proxmox kernel

    plugins :: omvextrasorg 7.0 | kvm 7.0.10 | compose 7.1.2 | k8s 7.0-6 | cputemp 7.0 | mergerfs 7.0.3


    omv-extras.org plugins source code and issue tracker - github


    Please try ctrl-shift-R and read this before posting a question.

    Please put your OMV system details in your signature.
    Please don't PM for support... Too many PMs!

  • The command Line interface straight out of the VGA or HDMI port. To give an idea, like in Ubuntu when you disable the Desktop, it boots to a simple text-based login/pwd screen.


    The login message is


    Who am I: root
    My IP address: 192.168.0.1
    Date : 07/05/16 %a
    Time : 07:10:45 PM


    It's from a OMV build for ODROID. Did they mess with some of the settings? can I revert to a proper login?


    cheers

  • The command Line interface straight out of the VGA or HDMI port. To give an idea, like in Ubuntu when you disable the Desktop, it boots to a simple text-based login/pwd screen.


    In my case it shows the IP address of the unit. Then if I hit CTRL+C I'm in as root without entering any password. How do I prevent this?


    thanks!


    I've never seen anything like that. Something is not right with your box.


    This is a capture from my serial console. Click for the full picture.


    What does yours look like?

    • Offizieller Beitrag

    All of the OMV images boot to the command line (login/pwd screen as you are calling it) except for the xu4 build (I assume you are using). I left the info display because it is meant to display on the xu4's cloudshell lcd. That is the odroid software. I didn't realize if you ctrl-c, it would log you in as root. My xu4s have both failed so I can't test a fix or tell you how to fix it.

    omv 7.0.4-2 sandworm | 64 bit | 6.5 proxmox kernel

    plugins :: omvextrasorg 7.0 | kvm 7.0.10 | compose 7.1.2 | k8s 7.0-6 | cputemp 7.0 | mergerfs 7.0.3


    omv-extras.org plugins source code and issue tracker - github


    Please try ctrl-shift-R and read this before posting a question.

    Please put your OMV system details in your signature.
    Please don't PM for support... Too many PMs!

  • Spot-on, I'm using the XU4.


    Unfortunately the ctrl+c indeed logs you as root and I can't allow that as users will have access to USB and Ethernet (nothing else, no access to drive).


    Can I perhaps disable the ODROID software and restore the normal command line? I understand you can't test it right now but any pointer on how to fix this would be good.


    Alternatively, I remember a while back I upgraded to 3.x and it did ask for password in the command line. Problem is this time the upgrade didn't work and the unit hangs at boot. No idea why..


    Are there OMV3 images for the XU4?

    • Offizieller Beitrag

    This happened because I don't think I ever connected a monitor and keyboard to my xu4. I just connected the serial cable. I will look through the image to see what can be changed but I can't test anything.

    omv 7.0.4-2 sandworm | 64 bit | 6.5 proxmox kernel

    plugins :: omvextrasorg 7.0 | kvm 7.0.10 | compose 7.1.2 | k8s 7.0-6 | cputemp 7.0 | mergerfs 7.0.3


    omv-extras.org plugins source code and issue tracker - github


    Please try ctrl-shift-R and read this before posting a question.

    Please put your OMV system details in your signature.
    Please don't PM for support... Too many PMs!

    • Offizieller Beitrag

    Are there OMV3 images for the XU4?


    Nope. I created all of the odroid and RPi images for OMV. Without an XU4, I can't create new ones. Upgrading is risky on arm boards. You could install debian Jessie and then OMV.

    omv 7.0.4-2 sandworm | 64 bit | 6.5 proxmox kernel

    plugins :: omvextrasorg 7.0 | kvm 7.0.10 | compose 7.1.2 | k8s 7.0-6 | cputemp 7.0 | mergerfs 7.0.3


    omv-extras.org plugins source code and issue tracker - github


    Please try ctrl-shift-R and read this before posting a question.

    Please put your OMV system details in your signature.
    Please don't PM for support... Too many PMs!

  • Something that might help:
    So, at boot I get


    Who am I: root
    My IP address: 192.168.0.1
    Date : 07/05/16 %a
    Time : 07:10:45 PM


    then CTRL-C I get to root


    then CTRL+D it logs out from root and it briefly (<1s) shots the console interface shown by gderf. Then it goes back to


    Who am I: root
    My IP address: 192.168.0.1
    Date : 07/05/16 %a
    Time : 07:10:45 PM


    So looks like there is a service on top of a normal OMV which is responsible for that. If I shot the service I should be ok?

    • Offizieller Beitrag

    Found it....


    OMV 3 doesn't have /etc/inittab. OMV 2 does and the odroid is image is set to autologin as root.


    As root: nano /etc/inittab
    Find the following line in /etc/inittab:
    1:2345:respawn:/sbin/mingetty --autologin root tty1
    Change it to:
    1:2345:respawn:/sbin/getty tty1
    ctrl-o to save
    ctrl-x to exit
    Done.

    omv 7.0.4-2 sandworm | 64 bit | 6.5 proxmox kernel

    plugins :: omvextrasorg 7.0 | kvm 7.0.10 | compose 7.1.2 | k8s 7.0-6 | cputemp 7.0 | mergerfs 7.0.3


    omv-extras.org plugins source code and issue tracker - github


    Please try ctrl-shift-R and read this before posting a question.

    Please put your OMV system details in your signature.
    Please don't PM for support... Too many PMs!

Jetzt mitmachen!

Sie haben noch kein Benutzerkonto auf unserer Seite? Registrieren Sie sich kostenlos und nehmen Sie an unserer Community teil!