Description
By default, OpenWRT has one only user: the root admin.
We will create a new user, without privilege, only the one to administrate
correctly the system with the tool sudo.
Installation
As root, execute all those commands:
# opkg update
# opkg install shadow-useradd sudo
shadow-usermod package; this intents to set
the user account.Configuration
user configuration
Now, config the user account:
# useradd ego:egois the account name - it’s up to your convenience…# passwd ego: define the password# mkdir -p /home/ego/.ssh: make the main home, and the ssh folder.# touch /home/ego/.ssh/authorized_keys: create empty file (to copy your SSH public keys)# chown -R ego:ego /home/ego: give the user rights on his home.# chmod 0700 /home/ego: auth only this user.
sudo configuration
I would only talk about the sudo most secure method of configuration:
This method allows you to simply use the administrator’s password without
having to login with the administrator account.
The command sudo must be preceded by any other necessary command.
We edit the /etc/sudoers with the visudo command:
# visudo
Place at the bottom of the file, and uncomment the both lignes, to remove
the # symbol:
# Defaults targetpw # Ask for the password of the target user
# ALL ALL=(ALL) ALL # WARNING: only use this together with 'Defaults targetpw'
:wq!After saving and quit, your user can use any administration commands.
SSH configuration
Now, it’s the good time to add your ssh auth key into the /home/ego/.ssh/authorized_keys file.
.pub extension!sysupgrade configuration
Think to edit the file /etc/sysupgrade.conf to add:
- your home folder,
- and
/etc/sudoers.d(only if you add config into this folder)
and check with the command sysupgrade -l.
So, for the future upgrade , yours personals datas will be saved.