Disable Logging into OPNsense as the Root User

Allowing root user logins is not normally a good idea...

Disable Logging into OPNsense as the Root User Photo by StockSnap from Pixabay

Introduction

After installing OPNsense, the default login is the root user. Logging in as the root user is generally not advised because the root user has full access to files and processes. Linux users, for instance, are asked to create a separate user account upon installation. The user can then use the sudo command to elevate privileges to perform administrative tasks. If the user's account is compromised, in theory the root account is still protected (assuming there is no privilege escalation vulnerability being exploited or the password has been discovered). OpenSSH has an option to disable root user access for the SSH server. It prevents logging in directly as the root user as a security mechanism. OPNsense, being built upon FreeBSD (HardenedBSD to be more precise), is no exception to this recommendation.

Create a New Administrator Account

If you go to “System > Access > Users”, you should see the default root user listed:

Default User Account List

Before you can disable the root user account, you need to create a new user account that is set as an administrator. When you are creating a new administrator, the most important section is the “Group Memberships” section. It is here where you need to move the “admins” group from the left to the right box:

Group Membership Section

Once you add the new user, you will notice you have two administrator accounts:

User Account List

Disable Root User

Now that the new administrator user has been created, you will need to logout of the root account and then log into the new administrator account. The logout link is located under the “Lobby” menu.

Logout Link

Note: You cannot disable the root account (or any other administrator account) while you are still logged in under that account. You will receive an error message that states you cannot disable yourself. This is a safety feature to prevent locking yourself out of the administration web page.

Go back to the “System > Access > Users” page. Now click the edit button beside the root user. Click the checkbox beside the label “Disabled”:

Disable Root User

Once you click save and return to the user account page, you should see that the root user is now gray indicating that it has been disabled.

User Account List with Root Disabled

At this point, you will only be able to login with your newly created admin user account! Mission accomplished!