Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!


Why would host ask me for my root pass?
New on LowEndTalk? Please Register and read our Community Rules.

All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.

Why would host ask me for my root pass?

BellaBella Member
edited June 2014 in General

Hi.

I have an OpenVZ VPS and am having an issue with it (it cant connect to the internet even though resolv.conf is fine), so I opened a ticket and they asked me for my root password so they could take a look at the issue.

I was just wondering why they would need the root pass because shouldn't they be able to get into the VPS without my root password since they should have access to the main node?

I have bought VPS's from many providers here over the years and they have never asked me for my root pass (besides intronet but we all know how that turned out).

Here is the ticket I am referring to. http://i.imgur.com/h9oiMeM.png

Comments

  • NeoonNeoon Community Contributor, Veteran

    not on openvz they can just enter.

  • awsonawson Member

    name and shame

  • AlexanderMAlexanderM Member, Top Host, Host Rep

    lol

  • BellaBella Member

    Here is a screen shot of the ticket http://i.imgur.com/h9oiMeM.png

  • InfinityInfinity Member, Host Rep

    @awson said:
    name and shame

    Look at the screenshot.

    We love servers. What happened was he probably doesn't have access to the host node yet I'm guessing.

  • He's a new staff member i think. I have never seen him the time i've been with WLS. I got my first response from him on my ticket today :P

  • PatrickPatrick Member
    edited June 2014

    They could be outsourced support or new staff as above and they don't want to give him access to the nodes just yet.

  • awsonawson Member

    But what if the customer was sane and didn't have root/password login enabled?

  • petrispetris Member

    @awson said:
    But what if the customer was sane and didn't have root/password login enabled?

    They'll hack in, apparently.

    Seriously though, can't they just use the console in SolusVM which uses "vzctl enter"? They don't need direct access to the host node.

  • nerouxneroux Member

    About the issue, can you ping the specified DNS servers using their IP? If not, what does a traceroute say?

  • blackblack Member

    It's less of an invasion of privacy if they ask you for your root password and you give it to them. It's something on the legal side, I believe.

    Thanked by 1perennate
  • AlexanderMAlexanderM Member, Top Host, Host Rep

    @black said:
    It's less of an invasion of privacy if they ask you for your root password and you give it to them. It's something on the legal side, I believe.

    Or they could ask you for permission to enter the VPS :P

  • J1021J1021 Member

    awson said: But what if the customer was sane and didn't have root/password login enabled?

    Then the host should provide a public key for the VM owner to add to authorized_keys.

    Thanked by 1Scion
  • MaouniqueMaounique Host Rep, Veteran

    black said: It's less of an invasion of privacy if they ask you for your root password and you give it to them. It's something on the legal side, I believe.

    I usually ask for it because this implies consent. It will be harder to make a case later for invasion of privacy.

    Thanked by 1rds100
  • akzakz Member

    I had a tech ask for my solus login to diagnose a dns issue. Was pretty reluctant to give him.

  • bigcatbigcat Member

    Maounique said: I usually ask for it because this implies consent.

    I work with shared hosting before and the policy is to always ask for password even though we can just login to user cPanel. Sort of niceties I guess.

    Thanked by 2Maounique rds100
  • ScionScion Member

    I never ask for the root password but I do always ask for permission to enter someone's VM. I find it easier to tell customers they should never share their passwords to anyone under any circumstances. The only exception is if they've signed up for a managed service add-on, which comes with implicit permission to enter the container and perform updates/maintenance. If it were me, a hosting company asking for the root password to my container would set off huge red flags.

  • MaouniqueMaounique Host Rep, Veteran

    Scion said: If it were me, a hosting company asking for the root password to my container would set off huge red flags.

    Not if you specify that is to have a clear record for their permission. Saying yes to the question, might say later they didnt understand what were they asked, giving the password makes that claim moot.

  • If it's a KVM VPS, we will ask if we need to access the OS on the VPS. For OpenVZ, we ask for permission (unless they've already given it) and make use of vzctl enter.

  • blackblack Member

    Personally, I just change my password to something temporarily then change it back after they're done.

    Thanked by 2Radi TheHackBox
  • MaouniqueMaounique Host Rep, Veteran

    black said: Personally, I just change my password to something temporarily then change it back after they're done.

    I desperately hope other people are doing the same, otherwise the passwords I get are usually too stupid to use at a suitcase lock...

    Thanked by 1taronyu
  • wychwych Member
    edited June 2014

    They probably asked for courtesy reasons, if someone wants a re-install I still make them confirm it to cover my back etc.

    Either that or he can't access the Solus Panel.

    @Maounique said:
    I desperately hope other people are doing the same, otherwise the passwords I get are usually too stupid to use at a suitcase lock...

    Ditto - 'password123' is just too easy.

  • Some of staff do not have root access to the host node

    Thanked by 1Radi
  • awsonawson Member

    I don't see why consent is needed -- if you're opening a ticket saying there's something wrong with your VM, you obviously want them to fix it, for which they'll probably need to access the VM anyway, so what's the point in them asking "can we vzctl into your VM"?

  • MaouniqueMaounique Host Rep, Veteran

    awson said: I don't see why consent is needed -- if you're opening a ticket saying there's something wrong with your VM, you obviously want them to fix it, for which they'll probably need to access the VM anyway, so what's the point in them asking "can we vzctl into your VM"?

    If you are dealing with all types of customers, you will see that you need to take all precautions. They might claim the expectation was to fix the node, not their VPS, so, after saying the node is ok, including statistics, you tell them it is a local problem and you may need to look inside. Asking for the pass also gives some clues, if is is 123 and you find the box wiped, you know what to say.
    In short, no pass, no fix, after all, it is an unmanaged service, why risk anything.

Sign In or Register to comment.