Setting the Password on First Login to FileWave Appliances (15.5+)

What

Starting from FileWave version 15.5.0, there have been important changes to the default login process and security features of the FileWave Appliance:

  1.  Disabled Root Login: The root user is now disabled from logging in directly to enhance security.
  2. New Default User - fwadmin: Instead of logging in as root, you will now use the fwadmin user with the default password filewave.
  3. Mandatory Password Change: On the first login, fwadmin will be prompted to change the password. It’s crucial to choose a secure password and keep a record of it.
  4. Sudo Access: The fwadmin user has sudo privileges to perform administrative tasks that require root access.
  5. Enhanced Security with Fail2Ban: Fail2Ban has been added to protect against unauthorized access attempts. It will temporarily block IP addresses after a number of failed login attempts.

These changes apply to new Debian-based Appliances starting from version 15.5.0 and onward.

Existing Debian Appliances will not have these changes implemented unless you manually make the changes or migrate to a new Appliance.

When/Why

These changes have been implemented to strengthen the security of your FileWave Appliance:

Existing Appliances

To benefit from these changes either:

How

First Login and Password Change

  1. Access the Appliance: Connect to your FileWave Appliance via SSH or console.
  2. Login as fwadmin: Use the username fwadmin and the default password filewave.
  3. Change Password: You will be prompted to change the password immediately.
    • Enter New Password: Choose a strong, unique password.
    • Confirm New Password: Re-enter the password to confirm.
  4. Note the Password: Keep the new password in a secure place.

Using Sudo for Administrative Tasks

Run Commands with Sudo: Prefix administrative commands with sudo.

sudo apt-get update

Enter Password When Prompted: You may be asked for your fwadmin password when executing sudo commands.

Fail2Ban Security Measures

Best Practices


Revision #12
Created 24 April 2024 12:52:16 by Josh Levitsky
Updated 9 December 2024 14:30:05 by Josh Levitsky