The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Hackcheck

Discussion in 'Security' started by lloyd_tennison, Feb 7, 2012.

  1. lloyd_tennison

    lloyd_tennison Well-Known Member

    Joined:
    Mar 12, 2004
    Messages:
    698
    Likes Received:
    1
    Trophy Points:
    18
    OK, so it does not like "has a uid 0 account," I get it. But why does it change the password and how do I stop it! (Lfd tells me the password was changed, and it was, seconds after the alert.) I created that account for a reason. The password is changed seconds after hackcheck is run. I want that account and see no where does any doc say that hackcheck will change the password. That could cause all kinds of problems for servers.

    It sure is for me. I have it so support can login to fix a R1soft error and I do not want some offshore tech guy having my root password. So, every night, they get locked out.

    How would I disable that "feature?"

    Thanks in advance.
     
  2. alphawolf50

    alphawolf50 Well-Known Member

    Joined:
    Apr 28, 2011
    Messages:
    186
    Likes Received:
    2
    Trophy Points:
    18
    cPanel Access Level:
    Root Administrator
    uid 0 is root. To restate that, a user with uid 0 has unlimited access to your system. They don't need your root password if you're giving them an account with root privileges.

    It would be a better idea to set up sudo/wheel group for users who need elevated priveleges:
    Configuring sudo and adding users to Wheel group | Linux Poison

    Doing the above will allow you to limit which specific programs they can run, and will also log any actions they take.
     
  3. lloyd_tennison

    lloyd_tennison Well-Known Member

    Joined:
    Mar 12, 2004
    Messages:
    698
    Likes Received:
    1
    Trophy Points:
    18
    I know that is unlimited access. Support usually NEEDS unlimited access. I would go crazy if every script, every tool, everything I tried to do would not work. Not to mention how much more they could screw something up by not being root and having permissions, etc. wrong.

    Sudo is NOT the same thing. It does not work the same, it does not access the same by the very nature you need to add another word to every command!

    However, that is/was not my question. My question is how and why is the script changing the password? It should never do so, and none of the other scripts do such a thing. They all only give warnings. Why is this different?
     
    #3 lloyd_tennison, Feb 8, 2012
    Last edited: Feb 8, 2012
  4. alphawolf50

    alphawolf50 Well-Known Member

    Joined:
    Apr 28, 2011
    Messages:
    186
    Likes Received:
    2
    Trophy Points:
    18
    cPanel Access Level:
    Root Administrator
    Hi Lloyd,

    I didn't answer your question regarding hackcheck both because I don't know the answer and because I think creating an additional uid 0 account is a bad idea. However, if you're only worried about protecting your root password, you could have them log in with a public key:

    WHM >> Security Center >> Manage root’s SSH Keys

    I realize that may not be the answer you're looking for -- just trying to come up with a more "standard" solution than creating a superuser account who isn't the superuser. Others are free to chime in if they know how to make hackcheck behave differently.
     
  5. Infopro

    Infopro cPanel Sr. Product Evangelist
    Staff Member

    Joined:
    May 20, 2003
    Messages:
    14,456
    Likes Received:
    195
    Trophy Points:
    63
    Location:
    Pennsylvania
    cPanel Access Level:
    Root Administrator
    Twitter:
Loading...
Similar Threads - Hackcheck
  1. biggjoe
    Replies:
    12
    Views:
    1,259

Share This Page