New Install - Installation User Setup
Setup Node Admin User
At this point in the installation progress, your screen should have cleared and the next section started, which is the user setup.
nodectl will detect the current user logged in. In our example using the Ubuntu distribution on AWS, the user called ubuntu
.
Avoid using commonly known usernames on your future node. Hackers often target these first for potential access vulnerabilities. A simple name change adds a small but effective layer of security for your node, that directly faces the Internet.
If you are an advanced user and want to keep the default usernames, it is advised to password protect the userid before you move your node onto the cluster(s).
We will create a non-commonly known user now; however, we will continue the installation with the ubuntu
user.
At the end of the install, we will switch over to our new node administrator account; however, we will continue to use our ubuntu
user until instructed otherwise.
Reminder
Your default user will depend on your service provider and/or your Linux distribution of choice.
Most Commonly:
- root
- admin
- ubuntu
nodectl will recommend that you use nodeadmin
as your default Node Administrator. This will force us away from a commonly known usernames such as ubuntu
or admin
.
Commonly known username
Since this documentation is publicly available and nodectl is open sourced, the use of nodeadmin
can also be deemed a commonly used username; however, properly securing down your node as recommended by this documentation, should provide proper security to make the use of nodeadmin
a very minimal security risk.
Recommendation: use nodeadmin
.
Create user
We can hit the enter key to accept nodeadmin
as our default, or input nodeadmin
(or a username of your choice) and then enter to continue.
= CREATE USER =
========================================
detecting user ................................ ubuntu
This ubuntu user is dangerous.
You should create a non-commonly known user to administer your node.
It is recommended to use nodeadmin as the Node Administrator.
This is recommended because it will help during troubleshooting, administering, etc. as you follow any
instructional documentation or tutorials.
Please enter in the new user you would like to
create [nodeadmin]:
Setup password
Our nodeadmin
user (or whichever user you decided to create - heretofore nodeadmin
) will require a password.
This password will be used to enter super user mode (sudo). During each initial nodectl request, the sudo password will be required. Just like being asked for your Administrative password on Windows or Apple, you will need to enter it when using nodectl.
Since nodectl has the power to alter your VPS's operating system, we must use sudo
before we call it each time. After the initial call to use nodectl
with sudo
you will not need to re-enter the administrative (sudo) password again, until it times out.
The installation will now ask you to enter a new password.
The nodectl installer will offer you some information (similar to these comments) about the various password, keyphrase, or passphrases [passphrases]
that will be required to run your node.
Important
You must secure this password/passphrase in a safe secure location and/or remember them.
Your passphrase will offer access to your node and the VPS your node runs on.
Unauthorized access can be potentially crippling to the operations of your node; as well as, may have financial consequences because your node will hold a hot wallet.
This particular passphrase/password does not offer access to your p12
wallet, which will be discussed later in this documentation.
passphrases.
1 SSH KEY passphrase/keyphrase - already created
2 User nodeadmin's VPS admin password
3 P12 Private key passphrase/keyphrase
You will not see your password as you type it, this is for security purposes.
Your password should contain capital & lowercase letters, numbers, special characters, but
no single or double quotes.
We will create a password of at least 10
characters in length. You can use whatever characters you desire. However, caution should be exercised when attempting to use of section sign
characters as nodectl may not work properly with them.
When creating your passphrase, avoid use of:
- periods
- double
//
- section signs
- double quotes
- single quotes
Important
You will not see any characters while you enter and confirm the password. This is a feature of the operating system done for security reasons.
We enter our newly formulated password.
This password will allow access to enter sudo (superuser do).
Please create a unique password and write it down!
It is recommended to save this password to a secure location and do NOT
forget it! If choosing to write it down, label in your notes:
"nodeadmin user password to access sudo (administrator) rights on the node."
>> Please enter a 10 character minimum
>> password for nodeadmin:
Confirm your password.
Your user will be created and added to the necessary groups for use on your future node.
Adding new user [nodeadmin] to sudo group...... complete