Adding secondary admin with full rights

J

jared.busch

New Member
Jan 20, 2023
2
0
1
Chicagoland
Adding another user is easy.
adduser jared gpasswd -a jared sudo pveum user add jared@pam pveum acl modify / --roles PVEAdmin --users jared@pam

I can log in via SSH and have sudo access. Good.
I can log in to the GUI and do most things. Not Good. I need this account to do everything. Is there a different role I need to assign?
Then, preferably, I can disable root for SSH and the GUI.
 
Last edited:
jared.busch said:
I can log in via SSH and have sudo access. Good.
I can log in to the GUI and do most things. Not Good. I need this account to do everything. Is there a different role I need to assign?
Then, preferably, I can disable root for SSH and the GUI.
Click to expand...
Is there actually a security benefit disabling root replacing it with another user with the same privileges? I don't see the point yet. Only benefit I could think of would be that it is harder to bruteforce the root account on SSH/webUI/API when not knowing the admins username. But on the other hand if you care about that it would make more sense to enable 2FA for the webUI, disable password login for SSH and only allow RSA keys and to setup fail2ban.

Only benefit I would see is if you got multiple admins that should be able to administrate the server with their own accounts. I personally only would be interested in that feature, so I could use "picard@enterprise" instead of "root@enterprise" when working in the shell ;)
 
it's generally considered a security best practice, and has for more than 10 years now.
 
Vorl said:
it's generally considered a security best practice, and has for more than 10 years now.
Click to expand...
I know, but the question is still why, when I'm still supposed to switch to root using su - after logging in as the non-root user.
 
You don't these days, and haven't for a long time. Almost every system I have run across for many years has sudo. With sudo you run commands with root permissions but don't need root's password, and for auditing purposes commands are tracked from the user running them instead of as "root"

Only old software with programmers that don't understand security are you required to actually run as root and not sudo (I have seen a few packages like this, but they are rare).
 
  • Like
Reactions: Spikker
Ok, the point with auditing makes sense.
I also use sudo with PVE to run services by unprivileged users that need just privileged access to a few handpicked commands which otherwise would require the service to be run as root. So there sudo is really helpful to set up the privileges as strict as possible for additional security. But I still don't see a security benefit when allowing a unprivileged user to run every command as root, like ubuntu does it with its default %sudo ALL = (ALL:ALL) ALL.
 
It's setup that way because using root is heavily discouraged. For normal home users most won't understand how to edit sudoers and don't need to. For enterprise/corporate users that deploy an image, that image will already include, or will modify the sudoers access to limit things unless you are dealing with an admin user.

most systems don't even setup a root password anymore specifically because they don't want people using it. I think it's mostly there for backwards compatibility.
 
You must log in or register to reply here.

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Quick Navigation

Home Get Subscription Wiki Downloads Proxmox Customer Portal About

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!
Community platform by XenForo® © 2010-2024 XenForo Ltd.
Top Bottom
Back