Disable Logging into OPNsense as the Root User
After installing OPNsense, the default login is the root user. Logging in as the root user is generally not advised because the root user has full access to files and processes. Linux users, for instance, are asked to create a separate user account upon installation. The user can then use the sudo command to elevate privileges to perform administrative tasks. If the user’s account is compromised, in theory the root account is still protected (assuming there is no privilege escalation vulnerability being exploited or the password has been discovered). OpenSSH has an option to disable root user access for the SSH server. It prevents logging in directly as the root user as a security mechanism. OPNsense, being built upon FreeBSD (HardenedBSD to be more precise), is no exception to this recommendation.
Create a New Administrator Account
If you go to “System > Access > Users”, you should see the default root user listed:
Before you can disable the root user account, you need to create a new user account that is set as an administrator. When you are creating a new administrator, the most important section is the “Group Memberships” section. It is here where you need to move the “admins” group from the left to the right box:
Once you add the new user, you will notice you have two administrator accounts:
Disable Root User
Now that the new administrator user has been created, you will need to logout of the root account and then log into the new administrator account. The logout link is located under the “Lobby” menu.
Note: You cannot disable the root account (or any other administrator account) while you are still logged in under that account. You will receive an error message that states you cannot disable yourself. This is a safety feature to prevent locking yourself out of the administration web page.
Go back to the “System > Access > Users” page. Now click the edit button beside the root user. Click the checkbox beside the label “Disabled”:
Once you click save and return to the user account page, you should see that the root user is now gray indicating that it has been disabled.
At this point, you will only be able to login with your newly created admin user account!