Home > Tips > How to Secure Your FreeNAS Server

How to Secure Your FreeNAS Server

February 24th, 2010

Via the FreeNAS forum, Phan Vinh Thinh has posted some details on how to secure your FreeNAS server.

  1. Change the WebGUI admin/root password (the default is: freenas)
    Use a very strong password if you intend to access FreeNAS over the Internet.
    Please note – admin/root accounts use the same password.
    Please note – Users that are members of the wheel group can su to root if they know the root password.
  2. Change WebGUI admin user name (the default is admin), to protect your system against dictionary attacks.
  3. DO NOT give shell access to everybody.
  4. DO NOT use FTP over the Internet, use SSH or SFTP instead.
  5. DO NOT enable Password Authentication with SSH, set-up and use SSH key based authentication.
  6. Always use https protocol to access WebGUI interface.
  7. DO NOT open your WebGUI server to internet, rather open a tunnel via SSH from client to server.

See the rest of his blog entry for a brief tutorial on implementing these steps Phan’s blog: How to secure your FreeNAS server

Categories: Tips Tags:
  1. May 15th, 2010 at 10:27 | #1

    Hi. I’ve setup key pair auth for SSH on FreeNAS.
    Each time the physical server is restarted,
    everything within /mnt/.ssh on the FreeNAS box is removed (incl the /mnt.ssh dir).
    What is the work around for this?

  2. KrOt
    July 21st, 2010 at 16:28 | #2

    Please please please make youtube tutorial

Comments are closed.