Cloudron makes it easy to run web apps like WordPress, Nextcloud, GitLab on your server. Find out more or install now.


  • Categories
  • Recent
  • Tags
  • Popular
  • Bookmarks
Skins
  • Light
  • Cerulean
  • Cosmo
  • Flatly
  • Journal
  • Litera
  • Lumen
  • Lux
  • Materia
  • Minty
  • Morph
  • Pulse
  • Sandstone
  • Simplex
  • Sketchy
  • Spacelab
  • United
  • Yeti
  • Zephyr
  • Dark
  • Cyborg
  • Darkly
  • Quartz
  • Slate
  • Solar
  • Superhero
  • Vapor

  • Default (No Skin)
  • No Skin
Collapse

Cloudron Forum

Apps | Demo | Docs | Install

Is it OK to change root password?

Scheduled Pinned Locked Moved Solved Support
securityssh
6 Posts 3 Posters 305 Views
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • D Offline
    D Offline
    dieter
    wrote on last edited by girish
    #1

    Hello, everyone,

    I am a new user and I am currently testing Cloudron.

    During the installation via my Hoster the root password was sent to me by email. For security reasons I changed it directly. Cloudron was already pre-installed at this time.

    Is that OK, or does Cloudron need the old password?

    Thanks a lot in advance!

    Greetings
    René

    jdaviescoatesJ 1 Reply Last reply
    0
  • girishG Offline
    girishG Offline
    girish Staff
    wrote on last edited by
    #2

    @dieter Cloudron does not require the password (or ssh keys) of your server. In fact, it's best if you remove SSH password altogether and move to ssh based login - https://cloudron.io/documentation/security/#securing-ssh-access

    1 Reply Last reply
    4
  • girishG Offline
    girishG Offline
    girish Staff
    wrote on last edited by
    #3

    I was trying to think about the motivation to your question (like why would one expect Cloudron to have the password). I think this might be because some existing products in the market, SSH into your server and configure things and install apps.

    In contrast, Cloudron is entirely self-hosted. The entire stack runs on your server and only you have access to your server (cloudron.io team does not have or need access to your server). Think of the design like how smart phones work today. Installing apps is about downloading a recipe from the app store and installing it on the phone. Cloudron + App Store works exactly the same way but for servers. If the App Store is down, you only lose the ability to install/update apps but the existing apps will run just fine as long as your server is running.

    1 Reply Last reply
    1
  • D Offline
    D Offline
    dieter
    wrote on last edited by
    #4

    I had the thought, because I don't know how Cloudron installs e.g. the Ubuntu updates, or performs other tasks on operating system level, for which you need at least sudo rights, as far as I know. But my Linux knowledge is not that good 👼

    1 Reply Last reply
    0
  • girishG Offline
    girishG Offline
    girish Staff
    wrote on last edited by
    #5

    @dieter Ah ok 🙂 When the Cloudron platform is installed, it creates a separate user called yellowtent (this was a codename for our project when we started). The installation script will add a bunch of commands that allows this user to run privileged operations without a password. You can see what they are in /etc/sudoers.d/yellowtent if you are curious! (it will have commands like reboot, update etc).

    1 Reply Last reply
    0
  • jdaviescoatesJ Offline
    jdaviescoatesJ Offline
    jdaviescoates
    replied to dieter on last edited by
    #6

    @dieter if you add an ssh key whilst buying the Hetzner server then they don't even create a root pw

    I use Cloudron with Gandi & Hetzner

    1 Reply Last reply
    0

  • Login

  • Don't have an account? Register

  • Login or register to search.
  • First post
    Last post
0
  • Categories
  • Recent
  • Tags
  • Popular
  • Bookmarks
  • Login

  • Don't have an account? Register

  • Login or register to search.