Further setup questions on new ER-X (1.9.0) - GUI authentication and package repositories

OK, so, background as previously mentioned:  I have an ER-PoE in service running v1.4.1, and I'm trying to set up a new ER-X running 1.9.0.  And some weird things are happening, and I have a number of questions.

First of all, I've created additional users on the ER-X, and I can ssh to it as those users, but despite adding the new users through the CLI, I could still connect to the ER-X via the web interface ONLY as the ubnt user.  I eventually managed to get GUI login working for my non-root admin user by setting the password via CLI; a password set via the GUI never worked for any user.  However, I still cannot login via the GUI as root, only as my non-root admin user, although I can ssh in as either.

The system login configuration currently looks like this:

root@typhon# show system login
 user alaric {
     authentication {
         encrypted-password $6$kTAkmgd8m$7MdjysaeW9c0L54Iu4puMkXwlvztnGJT/Of72QOjsfqY0ymbkWSrze6unhu9ETgy2ZJ1Q5UAy2keplN4FRL4f1
         plaintext-password ""
         public-keys alaric@babylon5 {
             key AAAAC3NzaC1lZDI1NTE5AAAAIHw4lN0OfgBe94mn1i02eZM2AREUNXARyGxwcvYs/hWA
             type ssh-ed25519
         }
         public-keys root@babylon5 {
             key AAAAC3NzaC1lZDI1NTE5AAAAIBEVvGFgpDr0/n1Fc3ys5W0SlIbBzfOU4FqlTZI/h4lu
             type ssh-ed25519
         }
     }
     full-name Alaric
     level admin
 }
 user root {
     authentication {
         encrypted-password $6$EUmp3TNfR.Bm.bXa$7k7775v6R8/LyBOIvwWI9mho4keghGY3ub93mgHbyVaeImX3UqtTft7IOmHSNgi/3ENgjx1gkSdBP7sYhZ5lw1
         plaintext-password ""
         public-keys alaric@babylon5 {
             key AAAAC3NzaC1lZDI1NTE5AAAAIHw4lN0OfgBe94mn1i02eZM2AREUNXARyGxwcvYs/hWA
             type ssh-ed25519
         }
         public-keys root@babylon5 {
             key AAAAC3NzaC1lZDI1NTE5AAAAIBEVvGFgpDr0/n1Fc3ys5W0SlIbBzfOU4FqlTZI/h4lu
             type ssh-ed25519
         }
     }
     full-name "Router Admin"
     level admin
 }

Can anyone explain to me what is going on here?  Is the GUI simply hard-coded to never accept login as root, or something like that?

(It took me quite a fit of fiddling around, by the way, to figure out the correct invocations to set up my SSH public keys in the configuration.)

Speaking of configuration ...  when I enter, for example, 'show system login' in the configure tool, the output appears to be always displayed using 'more', and always ends up with the top line of output scrolled off the top of my xterm.  I have to manually scroll the xterm up to see the first line.  Is there any way to fix or disable this?

(Heck, if 'show ...' just dumped everything straight into the terminal, raw, I have scrollback in my xterms and I could actually read it much more easily than I can via more.  In this case, more is less.  But less is more, so there is symmetry.)

Once I have this set up, I think about my only remaining major task is to install and set up Shorewall.  (Because the ipchains/iptables interface is horribly and unnecessarily cryptic and user-hustile.)  I know there used to be a how-to guide on setting up Debian repositories to add additional packages, but I cannot now find it.  I can't use the packages I already had for my ER-PoE, because they are the wrong architecture (mips ve. mipsel).  Can anyone point me at current documentation on this?

Never mind, just found that.  For anyone else looking, the documentation is right here.

...Oh, right, I knew there was another thing I intended to ask.  Currently my browser throws a security exception on the EdgeMax GUI's SSL certificate because it is self-signed and valid only for ubnt.com. Is there a means provided for me to install my own SSL certificate?