|
|
|
@ -17,8 +17,8 @@ the bottom right corner of the form.
|
|
|
|
|
**Disabled** Unchecked *Can be used to (temporarily) disable an account*
|
|
|
|
|
**Username** John *A unique username*
|
|
|
|
|
**Password** secret *A strong password*
|
|
|
|
|
**Login shell** /bin/csh *The shell to use when logging in via the console.*
|
|
|
|
|
**Full name** John Doe *Optional, Full username*
|
|
|
|
|
**Login shell** *The shell to use when logging in via the console.*
|
|
|
|
|
**Expiration date** *Optional, if account should expire enter as mm/dd/yyy*
|
|
|
|
|
**Group Membership** *Optional, select one or more groups*
|
|
|
|
|
**Certificate** *Optional, check if a user certificate should be created*
|
|
|
|
@ -34,31 +34,11 @@ corner of the form.
|
|
|
|
|
|
|
|
|
|
Enter a **Group name** and a **Description** and add users to the group.
|
|
|
|
|
|
|
|
|
|
Add privileges to a group
|
|
|
|
|
-------------------------
|
|
|
|
|
After creating a group the privileges can be added by editing the group.
|
|
|
|
|
Go to :menuselection:`System --> Access --> Groups` and click on the edit symbol (pencil) right next
|
|
|
|
|
to the group you like to change.
|
|
|
|
|
|
|
|
|
|
To assign privileges, just click on the pencil icon on the right of **Assigned Privileges**.
|
|
|
|
|
A form will be shown where each page can be either selected or deselected.
|
|
|
|
|
|
|
|
|
|
The search bottom at the top of this form can be used to quickly find the right
|
|
|
|
|
page.
|
|
|
|
|
|
|
|
|
|
.. image:: images/user_privileges.png
|
|
|
|
|
:width: 100%
|
|
|
|
|
|
|
|
|
|
After making the right selection click on **Save** to store the new settings.
|
|
|
|
|
|
|
|
|
|
.. _SSH and console login:
|
|
|
|
|
|
|
|
|
|
SSH and console login
|
|
|
|
|
---------------------
|
|
|
|
|
|
|
|
|
|
User accounts can be used for logging in to the web frontend, as well as for logging in to the console (via VGA,
|
|
|
|
|
serial or SSH). The latter will only work if the user's shell is not set to ``/sbin/nologin`` and if group the user is
|
|
|
|
|
part of is allowed SSH access.
|
|
|
|
|
serial or SSH). The latter will only work if the user shell is not set to ``/sbin/nologin``.
|
|
|
|
|
|
|
|
|
|
In order to access OPNsense via SSH, SSH access will need to be configured via :menuselection:`System --> Settings --> Administration`.
|
|
|
|
|
Under the "Secure Shell" heading, the following options are available:
|
|
|
|
|