You can add and delete users on the Virtual Appliance Management Interface to create the appropriate level of security.

About this task

The root user account for the Virtual Appliance Management Interface uses PAM for authentication, so the clipping levels set by PAM also apply. If you have not appropriately isolated the Virtual Appliance Management Interface, a lock out of the system root account could occur if an attacker attempts to brute force the login. In addition, where the root account is considered insufficient to provide non-repudiation by more than one person in your organization, then you might elect to change the admin user for the management interface.

Prerequisites

Procedure

  1. Run the following command to create a new user and add it to the Virtual Appliance Management Interface group.

    useradd -G vami,root user

  2. Create a password for the user.

    passwd user

  3. (Optional) : Run the following command to disable root access on the Virtual Appliance Management Interface.

    usermod -R vami root

    Note:

    Disabling root access to the Virtual Appliance Management Interface also disables the ability to update the Administrator, or root, password from the Admin tab.