Hi, need your advice pls about the possibilities of VM (Virtualmin/webmin)and best practice about how to give a (upwork) hired admin access to my “kingdom” for working on ie. Openvpn network based on that server, without giving away my kingdom.
cPanel for me always had the very bad nexessity of full access or no access… i think I read somewhere on webmin that I can give sub-admins accounts?
Can someone pls help me how to give someone the necessary access without me the owner being locked out easily or him/her having access to all things like ie. backup routines, main passowrd etc.?
Add: In the doc I see that I can create additional admins per Virtual Server, but the OpenVPN structure is on the “main” server level, so I assume I need to give anyone helping full access to the root level?
Btw.: It was a very hard and expensive move from cPanel here (the import tool didnt work at all) … but really start to love Virtualmin
Well, Webmin does offer a GUI via which you have fine-grained control over what your remote admin can do, without you needing to have to give him the keys to your kingdom - the password to root.
WRT your concerns about your remote admin locking you out, there are many VPS hosts which offer a control panel via which the root password can be reset, so recovering from this is no longer as much of a challenge as it used to be.
Lastly, why give the contract through upwork when you could find many knowledgeable and experienced admins right here on these forums who might be willing to offer you remote admin services? That’s what the Jobs section is there for: https://forum.virtualmin.com/c/jobs/
Hi calport,
thank you so much!
I have a root/bare metal server and my admin insralled everything, so there is no “backdoor for server owner” login from the hosting…they themselves have no access to “my” server setup/root
The GUI for extra admins I have seen, but that works on a the virtual server level… the OpenVPN system is on the root level, if I am correct… am I correct to assume that I would need a way of “2nd level root” with an extra password, so they cannot log me out?
And do you know of a way?
Or let me rephrase pls: Since as far as I know OpenVPN is a matter of files on my server — how can I give virtual server access to folder /root
You can make separate users in the webmin tab and disable any webmin module you don’t want them to have access to. If you just want them to manage the OpenVPN module you can leave everything unchecked and just enable that one.
Hi sputnik,
wow, that sounds nice… so Webmin tab -> Webmin -> Webmin users -> create new privilieged or safe user?
wow, thats a great hint, didnt see that so far!
Seems I can also set there limited SSH access?
Do I assume correctly that I could create a near master-admin, without handing out my root password with this method? cool!! that cpanel couldnt do!!!
For your purposes I believe a privileged user with only the required modules will suffice. This way you can create whatever level administrator you want. You can also enable SSH access in the “Others” section. Note that this will create an actual system user with it’s own home directory and ability to keep files on the system.
I’ve worked with Webmin and Virtualmin for years. It’s a very clean and powerful tool.