Do I use root or not?

[hendry]

Hi, I'm new to FreeNAS.

I'm a little puzzled by the subject of User accounts. There doesn't seem to be any prescriptive advice in the Documentation either: http://doc.freenas.org/11/account.html A lot of "what" and no "why".

My initial UX is I'm asked to set the root password and that's what I use to login with the Web interface.
However it would seem I'm unable to login with ssh with the same credentials: `ssh root@freenas.local`

Ignoring the complexity of Guest accounts so people in my LAN can see my Samba shares and the unnerving long list of existing systems users, if I want to be able to rsync data to my NAS, should I be creating a new account in my name with my public key? Or should I be modifying the root user?

Should I be using the root account at all?

 

[garm]

Don’t use root for content, always always always set up dedicated users for people, services and tasks and groups for access management. Never use root:wheel for anything except maintenance.

 

[hendry]

Wish it said that in the Documentation. Now I am left scratching my head at the Add User dialog.

What should the primary or auxillary groups be? Where should the home directory go? Please feel free to point me to a guide, since I don't see any documentation here on best practices.

In my fantasy world, the accounts in my household would be painless to re-setup in these event my boot drive failed or a I moved to another FreeNAS box.

 

[garm]

Everything you do in the GUI is saved in your configuration database, just make sure to save the config and you can effortless get up and running on a new install.

What is required of your users depend on your requirements. For only accessing SMB shares you can follow @m0nkey_ ’s YouTube video on the subject. For more advanced user and access management like building services and such I propose you go upstream and read the FreeBSD docs to get the basics and then read up on the documentation on each service you intend to run.

 

[danb35]

it would seem I'm unable to login with ssh with the same credentials: `ssh root@freenas.local`

Is the ssh service running? Have you enabled root logins? Because the same credentials will work for the web GUI and SSH.

 

[Elliot Dierksen]

Is the ssh service running? Have you enabled root logins? Because the same credentials will work for the web GUI and SSH.

Speaking a Unix greybeard, direct logins to root are almost always blocked for a totally valid security reasons. Create a user login for yourself, and then add that login to the group "wheel". Then you will be able to login is with your user account and "su" over to root.