# Setting the Password on First Login to FileWave Appliances (15.5+) ## What Starting from FileWave version 15.5.0, there have been important changes to the default login process and security features of the FileWave Appliance: 1. **Disabled Root Login**: The root user is now disabled from logging in directly to enhance security. 2. **New Default User -** User: *fwadmin* (as of 15.4.0), default password: *filewave*. 3. **Mandatory Password Change**: On the first login, fwadmin will be prompted to change the password. It’s crucial to choose a secure password and keep a record of it. 4. **Sudo Access**: The fwadmin user has sudo privileges to perform administrative tasks that require root access. 5. **Enhanced Security with Fail2Ban**: Fail2Ban has been added to protect against unauthorized access attempts. It will temporarily block IP addresses after a number of failed login attempts.

For security, the account for *root* is disabled as of version 15.5.0.

**These changes apply to new Debian-based Appliances starting from version 15.5.0 and onward.**

**Existing Debian Appliances will not have these changes implemented unless you manually make the changes or migrate to a new Appliance.**

## When/Why These changes have been implemented to strengthen the security of your FileWave Appliance: - **Prevent Unauthorized Access**: Disabling direct root login reduces the risk of unauthorized access, as root accounts are common targets for attackers. - **Enforce Stronger Passwords**: Prompting a password change on first login ensures that default credentials are not used, which are often exploited. - **Monitor and Block Attacks**: Fail2Ban helps in detecting and preventing brute-force attacks by banning IP addresses that show malicious signs. - **Promote Best Security Practices**: Encouraging the use of sudo and secure passwords aligns with industry best practices for system administration. ### Existing Appliances To benefit from these changes either: - **Manually Implement the Changes**: Adjust your current Appliance settings to match the new security configurations. - **Migrate to a New Appliance**: Set up a new Appliance with version 15.5.0 or later and migrate your data accordingly. ## How **First Login and Password Change** 1. **Access the Appliance**: Connect to your FileWave Appliance via SSH or console. 2. **Login as** fwadmin: Use the username fwadmin and the default password filewave. 3. **Change Password**: You will be prompted to change the password immediately. - **Enter New Password**: Choose a strong, unique password. - **Confirm New Password**: Re-enter the password to confirm. 4. **Note the Password**: Keep the new password in a secure place. **Using Sudo for Administrative Tasks** **Run Commands with Sudo**: Prefix administrative commands with sudo. ```shell sudo apt-get update ``` **Enter Password When Prompted**: You may be asked for your fwadmin password when executing sudo commands. **Fail2Ban Security Measures** - **Automatic IP Blocking**: After several failed login attempts, Fail2Ban will block the offending IP address temporarily. - **Check Ban Status**: ```shell sudo fail2ban-client status sshd ``` - **Unban an IP (if necessary)**: ```shell sudo fail2ban-client set sshd unbanip ``` **Best Practices** - **Do Not Expose SSH to the Internet**: Keep SSH access limited to trusted networks. - **Use Strong Passwords**: Incorporate letters, numbers, and special characters. - **Regularly Update the Appliance**: Keep your system updated to patch vulnerabilities. - **Monitor Access Logs**: Regularly check logs for any unauthorized access attempts. ## Related Content - [FileWave Version 15.5.0](https://kb.filewave.com/books/downloads/page/filewave-version-1550-unsupported "FileWave Version 15.5.0")