Assistance with Upgrading Server to DEBAIN 12 OS and User Account Configuration

B

bcx

Verified User
Joined
Dec 11, 2015
Messages
94
Hi,

I am planning to upgrade my server's OS from Debian 11 to Debian 12 using a fresh installation provided by my hosting provider. I am managing an unmanaged dedicated server, and the upgrade is necessary due to security concerns: the "admin" user account has been compromised with malware, though other user accounts appear to have remained secure. And spam is being send, and i'm unable to track down the script. (never had this in 17 years of experience)

I reached out to my host to inquire if the default "admin" username could be changed during the installation process to improve security. However, they directed me to this link: DirectAdmin Documentation. https://docs.directadmin.com/directadmin/general-usage/domains-users-resellers.html

Could you clarify whether it’s possible to have the default "admin" username changed during or after the installation? If not, could you advise on alternative methods to secure this account post-installation?

GOAL:
Change administartion account ADMIN to a personal username.

I think this is best that i first be able to manage this change, before i manually will backup the mysql databases, domainnames, emails and ftp files.

Thank you for your assistance!
 
I think what you want do is not functional.

You can't rename user admin because its essencial with DA because have hardcore function need to operate, maybe i wrong but wait for a response from the staff.
 
@Kurogane is correct. That command is intended for users, not for main admin. You could use it but then things might not work as expected.
Check this post for other things which needs adjusting:
scriptkitty

Post in thread 'Change Default Admin Username'

Hello,

This worked in my testing, especially well after this:
https://www.directadmin.com/features.php?id=2984
change_username.sh: CRON: also swap paths

Now, afterwards,

1) Resuspend any suspended domains
2) Check for any custom docroots using the old '/home/admin' path, update, and rebuild_confs
3) Check the backup cron path (eg '/home/admin/admin_backups') in /usr/local/directadmin/data/admin/backup.conf (setting may look like this: local_path=/home/admin/admin_backups)

Keep in mind the many plugins and scripts may specify the /home/admin path instead of ~ or $HOME, so...
  • Like

Also a maybe better option might be to create a new admin with the new name.
After that, login as the new admin and remove the default (old) admin account.

Personally I wouldn't do this at all, but just use a very long and difficult password for the admin account and don't use it anymore, just only use the newly created admin account.
 
Yes i noticed, i'm doining a full reinstall.. I don't recommend to change the admin. Things didn't worked out. To bad you can't edit this easy in the settings. My server got hacked because of the default username. even though it was a 17 charachter strong pass. Even the FTP /home/user/ got root access :s very weird things
 
bcx said:
even though it was a 17 charachter strong pass. Even the FTP /home/user/ got root access :s very weird things
Click to expand...
If that password is so long with special characters, I'm sure they did not hack your password. Most likely they used some leak script to get root access or.... if you bought a DA version not from DA, then it could be a nulled version, because only DA sells licenses.
And ofcourse hosting company's and datacenters, but only if they are sold together with a vps or server. If you got a license seperately from somewhere, it most likely is an illegal version and that could also cause root hacks.

But if you have a legal version, then as said, probably leak scripts or leak application which was not updated in time.
Or malware on your pc which was stealing passwords.
 
Its a legal version ;), i'm rocking DA since 2007. yeah i'm installing now all my wordpress sites one by one, with all plugins fresh download. I hope this keeps the maleware out.
 
Then be sure to install Clamav and Maldetect too it scans for malicious scripts and is free. Or use something like immunify360 (not free).
 
You must log in or register to reply here.
Back
Top