Archives
/
pikvm
mirror of https://github.com/pikvm/pikvm
2
0
Fork 0
Code Issues Projects Releases Wiki Activity

update

Browse Source
pull/1101/head
Maxim Devaev 9 months ago
parent 34c91e6f32
commit 33020859df
2 changed files with 32 additions and 21 deletions
Show Stats Download Patch File Download Diff File

26
docs/_passwd.md
Unescape Escape View File

@ -1,23 +1,25 @@
??? danger "✮ ✮ ✮ CHANGE THE PASSWORDS! ✮ ✮ ✮"
PiKVM comes with the following default passwords:
* **Linux admin** (SSH, etc.): user `root`, password `root`.
* **PiKVM Web Interface**: user `admin`, password `admin`, no 2FA code.
* **Linux admin** (SSH, console, etc.): user `root`, password `root`.
* **PiKVM Web Interface** ([API](api.md), [VNC](vnc.md)...): user `admin`, password `admin`, no 2FA code.
**These are two separate entities with independent accounts.**
To change passwords, you will need to use the terminal (read below) access via SSH or Web Terminal.
If you are using the Web Terminal, use the `su -` command to get root access (enter the root user password).
To change passwords, you will need to use the console access via SSH or the Web Terminal.
If you are using the Web Terminal, enter the `su -` command to get the `root` access (enter the `root` user password).
```console
[root@pikvm ~]# rw
[root@pikvm ~]# passwd root
[root@pikvm ~]# kvmd-htpasswd set admin
[root@pikvm ~]# ro
```
# rw
# passwd root
# kvmd-htpasswd set admin
# ro
```
If you require additional user for the Web UI access, use the following:
```
# kvmd-htpasswd set <user> # Set a new user with password or change of an existing one
# kvmd-htpasswd del <user> # Remove/delete a user
```console
[root@pikvm ~]# kvmd-htpasswd set <user> # Set a new user with password or change of an existing one
[root@pikvm ~]# kvmd-htpasswd del <user> # Remove/delete a user
```
**Optionally you can enable the [two-factor authentication](auth.md#two-factor-authentication) for more security.**

27
docs/auth.md
Unescape Escape View File

@ -1,17 +1,20 @@
# Authentication
PiKVM OS is based on a regular Linux system, so everything about authorization in this OS is also true for PiKVM.
It comes with the following default passwords:
* **Linux admin** (SSH, console, etc.): user `root`, password `root`.
* **PiKVM Web Interface, [API](api.md), [VNC](vnc.md)...**: user `admin`, password `admin`, no 2FA code.
!!! note "PiKVM comes with the following default passwords"
**These are two separate entities with independent accounts.**
* **Linux admin** (SSH, console, etc.): user `root`, password `root`.
* **PiKVM Web Interface** ([API](api.md), [VNC](vnc.md)...): user `admin`, password `admin`, no 2FA code.
Also there is another special Linux user: `kvmd-webterm`.
It can't be used for login or remote access to PiKVM OS and has the non-privileged rights in the OS.
Password access and `sudo` is disabled for it. It is used only for launching the Web Terminal.
These restrictions are set for security reasons.
**These are two separate entities with independent accounts.**
!!! note "There is another special Linux user: `kvmd-webterm`"
It can't be used for login or remote access to PiKVM OS and has the non-privileged rights in the OS.
Password access and `sudo` is disabled for it. It is used only for launching the Web Terminal.
These restrictions are set for security reasons.
*Changing the [VNCAuth passkey](vnc.md) and [IPMI password](ipmi.md) described in the relevant documents*.
-----
@ -27,7 +30,7 @@ To obtain it in the Web Terminal, type `su -` and then enter the `root` user pas
[root@pikvm kvmd-webterm]#
```
??? tip "Disabling the Web Terminal"
??? example "Step by step: Disabling the Web Terminal"
Sometimes the actual owner of a PiKVM device and the user who is allowed to use it are different people.
So you may want to disable console access from the Web UI. To do this, use the following:
@ -54,6 +57,9 @@ To obtain it in the Web Terminal, type `su -` and then enter the `root` user pas
-----
## Changing the KVM password
This password is used, among the Web UI login, to access the [API](api.md), [VNC](vnc.md) (if enabled)
and other functions that do not concern the OS shell.
```console
[root@pikvm ~]# rw
[root@pikvm ~]# kvmd-htpasswd set admin
@ -69,6 +75,9 @@ with different passwords to access the Web UI, but keep in mind that they all ha
[root@pikvm ~]# kvmd-htpasswd del <user> # Removes/deletes a user
```
At the moment there is no method to create any ACL for different KVM users.
-----
## Two-factor authentication

Write Preview
Loading…
Cancel
Save