mirror of https://github.com/pikvm/pikvm.git
update
This commit is contained in:
Maxim Devaev
parent
34c91e6f32
commit
33020859df
|
|
@ -1,23 +1,25 @@
|
|||
??? danger "✮ ✮ ✮ CHANGE THE PASSWORDS! ✮ ✮ ✮"
|
||||
PiKVM comes with the following default passwords:
|
||||
|
||||
* **Linux admin** (SSH, etc.): user `root`, password `root`.
|
||||
* **PiKVM Web Interface**: user `admin`, password `admin`, no 2FA code.
|
||||
* **Linux admin** (SSH, console, etc.): user `root`, password `root`.
|
||||
* **PiKVM Web Interface** ([API](api.md), [VNC](vnc.md)...): user `admin`, password `admin`, no 2FA code.
|
||||
|
||||
**These are two separate entities with independent accounts.**
|
||||
To change passwords, you will need to use the terminal (read below) access via SSH or Web Terminal.
|
||||
If you are using the Web Terminal, use the `su -` command to get root access (enter the root user password).
|
||||
To change passwords, you will need to use the console access via SSH or the Web Terminal.
|
||||
If you are using the Web Terminal, enter the `su -` command to get the `root` access (enter the `root` user password).
|
||||
|
||||
```console
|
||||
[root@pikvm ~]# rw
|
||||
[root@pikvm ~]# passwd root
|
||||
[root@pikvm ~]# kvmd-htpasswd set admin
|
||||
[root@pikvm ~]# ro
|
||||
```
|
||||
# rw
|
||||
# passwd root
|
||||
# kvmd-htpasswd set admin
|
||||
# ro
|
||||
```
|
||||
|
||||
If you require additional user for the Web UI access, use the following:
|
||||
```
|
||||
# kvmd-htpasswd set <user> # Set a new user with password or change of an existing one
|
||||
# kvmd-htpasswd del <user> # Remove/delete a user
|
||||
|
||||
```console
|
||||
[root@pikvm ~]# kvmd-htpasswd set <user> # Set a new user with password or change of an existing one
|
||||
[root@pikvm ~]# kvmd-htpasswd del <user> # Remove/delete a user
|
||||
```
|
||||
|
||||
**Optionally you can enable the [two-factor authentication](auth.md#two-factor-authentication) for more security.**
|
||||
|
|
|
|||
27
docs/auth.md
27
docs/auth.md
|
|
@ -1,17 +1,20 @@
|
|||
# Authentication
|
||||
|
||||
PiKVM OS is based on a regular Linux system, so everything about authorization in this OS is also true for PiKVM.
|
||||
It comes with the following default passwords:
|
||||
|
||||
* **Linux admin** (SSH, console, etc.): user `root`, password `root`.
|
||||
* **PiKVM Web Interface, [API](api.md), [VNC](vnc.md)...**: user `admin`, password `admin`, no 2FA code.
|
||||
!!! note "PiKVM comes with the following default passwords"
|
||||
|
||||
**These are two separate entities with independent accounts.**
|
||||
* **Linux admin** (SSH, console, etc.): user `root`, password `root`.
|
||||
* **PiKVM Web Interface** ([API](api.md), [VNC](vnc.md)...): user `admin`, password `admin`, no 2FA code.
|
||||
|
||||
Also there is another special Linux user: `kvmd-webterm`.
|
||||
It can't be used for login or remote access to PiKVM OS and has the non-privileged rights in the OS.
|
||||
Password access and `sudo` is disabled for it. It is used only for launching the Web Terminal.
|
||||
These restrictions are set for security reasons.
|
||||
**These are two separate entities with independent accounts.**
|
||||
|
||||
!!! note "There is another special Linux user: `kvmd-webterm`"
|
||||
It can't be used for login or remote access to PiKVM OS and has the non-privileged rights in the OS.
|
||||
Password access and `sudo` is disabled for it. It is used only for launching the Web Terminal.
|
||||
These restrictions are set for security reasons.
|
||||
|
||||
*Changing the [VNCAuth passkey](vnc.md) and [IPMI password](ipmi.md) described in the relevant documents*.
|
||||
|
||||
|
||||
-----
|
||||
|
|
@ -27,7 +30,7 @@ To obtain it in the Web Terminal, type `su -` and then enter the `root` user pas
|
|||
[root@pikvm kvmd-webterm]#
|
||||
```
|
||||
|
||||
??? tip "Disabling the Web Terminal"
|
||||
??? example "Step by step: Disabling the Web Terminal"
|
||||
|
||||
Sometimes the actual owner of a PiKVM device and the user who is allowed to use it are different people.
|
||||
So you may want to disable console access from the Web UI. To do this, use the following:
|
||||
|
|
@ -54,6 +57,9 @@ To obtain it in the Web Terminal, type `su -` and then enter the `root` user pas
|
|||
-----
|
||||
## Changing the KVM password
|
||||
|
||||
This password is used, among the Web UI login, to access the [API](api.md), [VNC](vnc.md) (if enabled)
|
||||
and other functions that do not concern the OS shell.
|
||||
|
||||
```console
|
||||
[root@pikvm ~]# rw
|
||||
[root@pikvm ~]# kvmd-htpasswd set admin
|
||||
|
|
@ -69,6 +75,9 @@ with different passwords to access the Web UI, but keep in mind that they all ha
|
|||
[root@pikvm ~]# kvmd-htpasswd del <user> # Removes/deletes a user
|
||||
```
|
||||
|
||||
At the moment there is no method to create any ACL for different KVM users.
|
||||
|
||||
|
||||
-----
|
||||
## Two-factor authentication
|
||||
|
||||
|
|
|
|||
Loading…
Reference in New Issue