Linux User AccountsΒΆ

A brief description of the system accounts available in a StarlingX system.

Sysadmin Local Linux Account

This is a local, per-host, sudo-enabled account created automatically when a new host is provisioned. It is used by the primary system administrator for StarlingX, as it has extended privileges.

See The sysadmin Account for more details.

Local Linux User Accounts

Local Linux User Accounts should NOT be created since they are used for internal system purposes.

Local LDAP Linux User Accounts

These are local LDAP accounts that are centrally managed across all hosts in the cluster. These accounts are intended to provide additional admin level user accounts (in addition to sysadmin) that can SSH to the nodes of the StarlingX and/or access its Kubernetes cluster.

See Local LDAP Linux User Accounts and Manage Composite Local LDAP Accounts at Scale for more details.

Note

For security reasons, it is recommended that ONLY admin level users be allowed to SSH to the nodes of the StarlingX. Non-admin level users should strictly use remote CLIs or remote web GUIs.

For more information, refer to the following: