Managing SmartDataCenter Users and Passwords
This documentation is for SmartDataCenter 6 and does not apply to SmartDataCenter 7 or Triton.
For current documentation, please see docs.joyent.com/private-cloud.
<table class="sectionMacro" border="0" cellpadding="5" cellspacing="0" width="100%"><tbody><tr>
SmartDataCenter uses several different user accounts and passwords to authenticate different parts of its components. This page describes the different account, what they're used for, and how to change their passwords.
The head node has two user accounts whose passwords are set at installation time:
You can use these accounts to log directly into the head node using SSH. The admin account can run sudo without a password. You can use this account to grant access to the head node without giving up root.
The root password on compute nodes is set to be identical to the root password on the head node.
The SmartDataCenter operating system is a live image that exists only in memory. When you reboot the head node, the operating system is loaded into memory from the USB key. That means that changes, such as changing the root password, need to be written back to the USB key in order to survive rebooting.
You can use SSH keys to log in to the head node using the usual procedure: place the public keys in the /root/.ssh/authorized_keys file.
In order to preserve the keys across reboots of the head node, follow these steps:
- Log in the to the global zone of the head node.
- Mount the US
- Create the file root.authorized_keys in the /mnt/usbkey/config.inc directory. Copy the public keys into this file.
Every time you reboot the head node, the keys in root.authorized_keys will be copied to /root/.ssh/authorized_keys.
|You can change the name of the file that contains the authorized keys in /mnt/usbkey/config.inc/generic. Change the section that reads:|
The different head node applications use basic authentication within the admin network to communicate with the Cloud Management API (MAP) and the Customers API. The credentials for this process are set at installation time.
The Operations Portal and the Customer Portal use login credentials stored in the Customers API (CAPI). The installation process creates a user named "Admin" in the Customers API database with a password you specify at installation time.
You can change the password for this user in the Customers section of the Operations Portal.