1.11 Create New User
Create a local user in this step. Administrating local users is a
suitable option for stand-alone workstations. If setting up a client on a
network with centralized user authentication, click
and proceed with the
Section 1.11.1, Expert Settings.
After entering the first name and last name, either accept the proposal
or specify a new that will be used to log in.
Finally, enter a password for the user. Reenter it for confirmation (to
ensure that you did not type something else by mistake). To provide
effective security, a password should be between five and eight
characters long. The maximum length for a password is 72 characters.
Passwords are case-sensitive. Special characters (7-bit ASCII)
and the digits 0 to 9 are allowed. Other special characters like umlauts
or accented characters are not allowed.
Passwords you enter are checked for weakness. When entering a password
that is easy to guess, such as a dictionary word or a name, you will see
a warning. It is a good security practice to use strong passwords.
IMPORTANT: Username and Password
Remember both your username and the password because they are needed
each time you log in to the system.
Three additional options are available:
-
-
If checked, the same password you have entered for the user will be
used for the system administrator root. This option is suitable
for stand-alone workstations or machines in a home network that are
administrated by a single user. When not checked, you are prompted for
a system administrator password in the next step of the installation
workflow (see Section 1.11.2, Password for the System Administrator root).
-
-
Checking this box sends messages created by the system services to the
user. These are usually only sent to root, the system
administrator. This option is useful for the most frequently used
account, because it is highly recommended to log in as root only
in special cases.
The mails sent by system services are stored in the local mailbox
/var/spool/mail/username,
where username is the login name of the
selected user. To read e-mails after installation, you can use any
e-mail client, for example KMail or Evolution.
-
-
This option automatically logs the current user in to the system when
it starts. This is mainly useful if the computer is operated by only
one user.
WARNING: Automatic Login
With the automatic login enabled, the system boots straight into your
desktop with no authentication at all. If you store sensitive data on
your system, you should not enable this option if the computer can also
be accessed by others.
1.11.1 Expert Settings
Click in the Create User dialog to set up
network authentication or, if present, import users from a previous
installation. Also change the password encryption type in this dialog.
You can also add additional user accounts or change the user
authentication method in the installed system. For detailed information
about user management, see Section 5.0, Managing Users with YaST.
The default authentication method is . If a former version of openSUSE or another
system using /etc/passwd is detected, you may
import local users. To do so, check and click . In
the next dialog, select the users to import and finish with
.
Access to the following network authentication services can be
configured:
- LDAP
-
Users are administered centrally on an LDAP server for all systems in
the network. More information is available in
Section 26.4, Configuring an LDAP Client with YaST,
(↑ Reference ).
- NIS
-
Users are administered centrally on a NIS server for all systems in
the network. See Section 25.2, Configuring NIS Clients,
(↑ Reference ) for more
information.
- Windows Domain
-
SMB authentication is often used in mixed Linux and Windows networks.
and
.
Along with user administration via and
, you can use Kerberos authentication. To use it,
select .
.
NOTE: Content of the Authentication Menu
If you have chosen a custom package selection for installation, not all
mentioned authentication methods may be displayed, because the required
packages are not installed.
1.11.2 Password for the System Administrator root
If you have not chosen in the previous step, you will be prompted to
enter a Password for the System Administrator root. Otherwise this
configuration step is skipped.
root is the name of the superuser, the administrator of the
system. Unlike regular users, who may or may not have permission to do
certain things on the system, root has unlimited power to do
anything: change the system configuration, install programs, and set up
new hardware. If users forget their passwords or have other problems
with the system, root can help. The root account should only
be used for system administration, maintenance, and repair. Logging in
as root for daily work is rather risky: a single mistake could
lead to irretrievable loss of system files.
For verification purposes, the password for root must be entered
twice. Do not forget the root password. Once entered, this
password cannot be retrieved.
The root can be changed any time later in the installed system. To
do so run YaST and start .
WARNING: The root User
The user root has all the permissions needed to make changes to
the system. To carry out such tasks, the root password is
required. You cannot carry out any administrative tasks without this
password.
