Securing remote root logins
First time Webmin user here (I love it though!).
My context is such that I must expose Webmin to the www in order to manage my stuff. I created a rule in iptables to restrict port 10000 to my IP, and it works fine. But I have 2 questions:
1) Do administrators commonly restrict port access to MAC addresses? (laptop, work, home, PDA?)
2) If I ban remote root logins, will I have to create a new user in Webmin with root privs? ... or does Webmin have a sudo'ish command to change into root administration mode?
Thanks in advance
Howdy,
For those who wish to restrict the Webmin port, most do it by IP address; I don't hear of many doing that by MAC address.
You can also edit the root user in Webmin, and tie the root user to a specific IP address (i.e., that means you could log in as root, but only from that one IP). I know when using Virtualmin, that it treats a user with sudo rights as a Master Admin. I suspect the same would be true for Webmin -- though I'd suggest working out the kinks with that before disabling root :-)
-Eric
Also, it does improve security to avoid all default configurations, including listening port if you're the only user.
I have Webmin/Virtualmin on 7 servers and restrict access to a single IP address. If I need to manage anything remotely, I VPN into the network that has access and can manage the servers from there.
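An added example, not part of the original thread: a small first-match evaluator over `iptables -S INPUT` output that reports whether a new TCP connection to Webmin's port 10000 would be accepted from a given source address. The rule text and addresses are constructed samples, and only the match options listed in `MODELLED` are handled (an assumption of this sketch); anything else raises so it gets reviewed by hand.

```python
import ipaddress
import shlex

# Constructed sample of `iptables -S INPUT` output (documentation address ranges).
SAMPLE_RULES = """\
-P INPUT ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -s 203.0.113.10/32 -p tcp -m tcp --dport 10000 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 10000 -j DROP
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
"""
# Same rules with the DROP line missing: the ACCEPT policy then lets everyone in.
WEAK_RULES = SAMPLE_RULES.replace("-A INPUT -p tcp -m tcp --dport 10000 -j DROP\n", "")

# Options this sketch understands; each takes exactly one value.
MODELLED = {"-s", "-p", "-m", "--dport", "--state", "--ctstate", "-j", "--reject-with"}

def verdict(rules_text, src_ip, dport=10000):
    """Verdict for a NEW TCP connection from src_ip to dport (first match wins)."""
    src = ipaddress.ip_address(src_ip)
    policy = "ACCEPT"
    for line in rules_text.splitlines():
        tok = shlex.split(line)
        if tok[:2] == ["-P", "INPUT"]:
            policy = tok[2]
        if tok[:2] != ["-A", "INPUT"]:
            continue
        opts = dict(zip(tok[2::2], tok[3::2]))
        unknown = set(opts) - MODELLED
        if unknown:
            raise ValueError(f"unmodelled option {sorted(unknown)} in: {line}")
        states = opts.get("--state") or opts.get("--ctstate")
        if states and "NEW" not in states.split(","):
            continue  # rule only covers already-established traffic
        if opts.get("-p", "tcp") != "tcp":
            continue
        if "--dport" in opts:
            lo, _, hi = opts["--dport"].partition(":")  # single port or lo:hi range
            if not int(lo) <= dport <= int(hi or lo):
                continue
        if "-s" in opts and src not in ipaddress.ip_network(opts["-s"], strict=False):
            continue
        if opts.get("-j") in ("ACCEPT", "DROP", "REJECT"):
            return opts["-j"]  # terminating target; LOG and similar fall through
    return policy

if __name__ == "__main__":
    for name, rules in (("sample", SAMPLE_RULES), ("weak", WEAK_RULES)):
        for ip in ("203.0.113.10", "198.51.100.7"):
            print(name, ip, verdict(rules, ip))
```
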