[PVE-User] User administration.

Mathieu GIANNECCHINI Mathieu.Giannecchini at videomuseum.fr
Wed Nov 4 09:52:09 CET 2009


Maybe a simple workaround is to use X509 certificates under apache2 
configuration (with "SSLVerifyClient require" instruction|) |in order to 
require a valid cert for web interface access.
Then on pve server(s) you can set a password for root account shared 
between all admin and disable ssh password authentification access and 
only permit ssh access threw ssk key authentification


Luis Zarrabeitia a écrit :
> Hello... "question #2".
> There will be more than one person on the team that will administer our pve 
> cluster. I'd like them to have distinct administration passwords (I don't 
> care right now about restricting some of them to certain tasks, I'm fine with 
> all of them being superusers). Mainly, I would like to be able to revoke 
> one's access without having to get everyone to learn a new password.
> ¿what would be the best approach? User acounts+sudo? Would that work with the 
> web interface?
> Thank you.

Systèmes et réseaux informatiques
6 rue Beaubourg 75004 Paris

More information about the pve-user mailing list