Create admin user: Difference between revisions
Created page with " 1. Create user: os level <syntaxhighlight lang="bash"> useradd -s /bin/bash -m gyurci08 </syntaxhighlight> pve level <syntaxhighlight lang="bash"> pveum user add gyurci08@pam </syntaxhighlight> 2." |
No edit summary |
||
| (9 intermediate revisions by the same user not shown) | |||
| Line 1: | Line 1: | ||
== Create Admin on Proxmox VE 9 == | |||
1. | === 1. Install <code>sudo</code> (if not present) === | ||
<syntaxhighlight lang="bash"> | |||
apt update && apt install -y sudo | |||
</syntaxhighlight> | |||
=== 2. Create an Administrative User === | |||
The following script will: | |||
* Create a new local Linux user (replace <code>asd</code> and password as needed). | |||
* Add the user to the <code>sudo</code> group. | |||
* Create an <code>admins</code> group in Proxmox user management. | |||
* Assign the <code>Administrator</code> role to the group. | |||
* Add the user to the Proxmox permission system with PAM authentication. | |||
<syntaxhighlight lang="bash"> | <syntaxhighlight lang="bash"> | ||
useradd -s /bin/bash - | USER="asd" | ||
PASS="asd" | |||
COMMENT="System Administrator" | |||
# Create local user if not existing | |||
if ! id "$USER" &>/dev/null; then | |||
useradd -m -s /bin/bash -G sudo "$USER" | |||
echo "$USER:$PASS" | chpasswd | |||
fi | |||
# Create admin group in Proxmox (ignore error if it exists) | |||
pveum groupadd admins --comment "${COMMENT} group" || true | |||
# Assign Administrator role to the group (root-level permission) | |||
pveum acl modify / --group admins --role Administrator | |||
# Add user to Proxmox user database (PAM authentication) | |||
pveum user add "${USER}@pam" --comment "${COMMENT}" --groups admins || true | |||
</syntaxhighlight> | </syntaxhighlight> | ||
=== 3. Remove the Created User and Group === | |||
To cleanly remove the user and associated group from both Linux and Proxmox: | |||
<syntaxhighlight lang="bash"> | |||
USER="asd" | |||
# Remove local Linux user | |||
deluser --remove-home "$USER" | |||
# Remove from Proxmox permission system | |||
pveum user delete "${USER}@pam" || true | |||
pveum group delete admins || true | |||
</syntaxhighlight> | |||
=== 4. (Optional) Disable Root GUI Access === | |||
For improved security, it is recommended to disable the default <code>root@pam</code> account GUI access once an administrative user exists: | |||
<syntaxhighlight lang="bash"> | <syntaxhighlight lang="bash"> | ||
pveum user | pveum user modify root@pam --enable 0 | ||
</syntaxhighlight> | </syntaxhighlight> | ||
==== To re-enable root GUI access: ==== | |||
<syntaxhighlight lang="bash"> | |||
pveum user modify root@pam --enable 1 | |||
</syntaxhighlight> | |||
'''Notes:''' | |||
* Always update default passwords before production use. | |||
* The <code>admins</code> group will retain <code>Administrator</code> privileges assigned through the ACL. | |||
* Be sure to have at least one active administrative account before disabling root GUI access. | |||
* All commands must be executed with root privileges (via shell or sudo). | |||
[[Category:Proxmox VE]] | |||
Latest revision as of 22:04, 10 October 2025
Create Admin on Proxmox VE 9
1. Install sudo (if not present)
apt update && apt install -y sudo
2. Create an Administrative User
The following script will:
- Create a new local Linux user (replace
asdand password as needed). - Add the user to the
sudogroup. - Create an
adminsgroup in Proxmox user management. - Assign the
Administratorrole to the group. - Add the user to the Proxmox permission system with PAM authentication.
USER="asd"
PASS="asd"
COMMENT="System Administrator"
# Create local user if not existing
if ! id "$USER" &>/dev/null; then
useradd -m -s /bin/bash -G sudo "$USER"
echo "$USER:$PASS" | chpasswd
fi
# Create admin group in Proxmox (ignore error if it exists)
pveum groupadd admins --comment "${COMMENT} group" || true
# Assign Administrator role to the group (root-level permission)
pveum acl modify / --group admins --role Administrator
# Add user to Proxmox user database (PAM authentication)
pveum user add "${USER}@pam" --comment "${COMMENT}" --groups admins || true
3. Remove the Created User and Group
To cleanly remove the user and associated group from both Linux and Proxmox:
USER="asd"
# Remove local Linux user
deluser --remove-home "$USER"
# Remove from Proxmox permission system
pveum user delete "${USER}@pam" || true
pveum group delete admins || true
4. (Optional) Disable Root GUI Access
For improved security, it is recommended to disable the default root@pam account GUI access once an administrative user exists:
pveum user modify root@pam --enable 0
To re-enable root GUI access:
pveum user modify root@pam --enable 1
Notes:
- Always update default passwords before production use.
- The
adminsgroup will retainAdministratorprivileges assigned through the ACL. - Be sure to have at least one active administrative account before disabling root GUI access.
- All commands must be executed with root privileges (via shell or sudo).