Zaaphod
Contributor
- Joined
- Dec 15, 2015
- Messages
- 109
Is there a way to turn on any kind of security on the console screen? I have been using FreeNAS a few years now, but I have a new customer I am setting up a new FreeNAS server on, and they are VERY concerned about security because they recently had a disgruntled employee erase critical data on a company computer and then changed the windows password and even changed the bios password. So now no one will have admin access, and the new system has very strong passwords on absolutely everything, but I noticed there seems to be a huge security loophole if you just plug a monitor and keyboard into the server, then just push 9 and poof! instant root access with no password.. shouldn't it ask for the password? and 7 reset root password.... doesn't ask for existing password first? I realise the intent with the Console Setup screen is to get you going before you have passwords set up, but is there a way to disable these security issues once you have it up and going and know all the passwords? Or even disable the console setup altogether? Any advice on how to secure the console setup screen? On most server motherboards, it's not needed on the VGA port anyway, because you can IPMI to get the output screen... which you can password protect. Perhaps there is a way to disable any physical keyboards and output to the physical screen but still have access with IPMI? (not sure that's even possible)
Any ideas (other than lock the server in a closet... which is probably happening at this point)
Any ideas (other than lock the server in a closet... which is probably happening at this point)
Last edited by a moderator: