Default root password = major security risk

[Rick_B3]

The B3 manual says "A SSH connection will be available on the WAN port using username: ‘root’,
password: ‘excito’."

If you have the ssh port open, on your firewall, to permit remote ssh access, you surely need to be able to change the root password from the default (excito). Otherwise your B3 is open to the world, to use the published default password, to steal data from the box and mess it up generally.

I can't find anywhere in the documentation where it tells one how to change the root password to one of your own creation. Does anyone know how to change the root password on a B3 please?

[RandomUsername]

This is only when talking about booting into a rescue system is it not? Otherwise, directly logging in as root is disabled by default on all interfaces.

Also, if you don't know how to do something as simple as change a password (hint; use the command "passwd") you should probably avoid logging into SSH until you read up on the basics.

[nobody]

Before you get all excited, remember that root is not allowed to log in! You need a regular username and passwd first AND you need to specifically allow that user SSH access. Anyone clever enough to do this knows she should change the root pw. Which is something you can do from the command line.

In short, the security model is pretty good, even with a default ssh password.