Cloudron makes it easy to run web apps like WordPress, Nextcloud, GitLab on your server. Find out more or install now.


Is it OK to change root password?



  • Hello, everyone,

    I am a new user and I am currently testing Cloudron.

    During the installation via my Hoster the root password was sent to me by email. For security reasons I changed it directly. Cloudron was already pre-installed at this time.

    Is that OK, or does Cloudron need the old password?

    Thanks a lot in advance!

    Greetings
    René


  • Staff

    @dieter Cloudron does not require the password (or ssh keys) of your server. In fact, it's best if you remove SSH password altogether and move to ssh based login - https://cloudron.io/documentation/security/#securing-ssh-access


  • Staff

    I was trying to think about the motivation to your question (like why would one expect Cloudron to have the password). I think this might be because some existing products in the market, SSH into your server and configure things and install apps.

    In contrast, Cloudron is entirely self-hosted. The entire stack runs on your server and only you have access to your server (cloudron.io team does not have or need access to your server). Think of the design like how smart phones work today. Installing apps is about downloading a recipe from the app store and installing it on the phone. Cloudron + App Store works exactly the same way but for servers. If the App Store is down, you only lose the ability to install/update apps but the existing apps will run just fine as long as your server is running.



  • I had the thought, because I don't know how Cloudron installs e.g. the Ubuntu updates, or performs other tasks on operating system level, for which you need at least sudo rights, as far as I know. But my Linux knowledge is not that good 👼


  • Staff

    @dieter Ah ok 🙂 When the Cloudron platform is installed, it creates a separate user called yellowtent (this was a codename for our project when we started). The installation script will add a bunch of commands that allows this user to run privileged operations without a password. You can see what they are in /etc/sudoers.d/yellowtent if you are curious! (it will have commands like reboot, update etc).



  • @dieter if you add an ssh key whilst buying the Hetzner server then they don't even create a root pw


Log in to reply