Nutanix Community Podcast: The age old EUC paradigm: Do you choose performance OR security
I am new to Nutanix, could you please suggest how to add a new user in CVM via putty?
You shall not create new users on the CVM, please check de Non configurable AHV Components https://portal.nutanix.com/page/documents/details?targetId=AHV-Admin-Guide-v6_5:ahv-nonconfigurable-components-r.html
Hope this helps
SSH to a CVM is done via the nutanix or admin user, not via others user accounts.
You can, however, use cluster lockdown to create specific certificates for specific users who need access to the console if you dont want to give the passwords or want to secure ssh access more.
Hi @bcaballero @JeroenTielen ,
Thanks for your quick response, we would like to manage the passwords with CyberArk, so they are asking us to provide another account for the reconciliation task.
It is not supported to create any additional users on the CVMs or AHV hosts.
Technically, it is possible to use traditional Linux tools (useradd) to create a user, but such user will be quite useless, because most of the Nutanix services and internal tools are bound to nutanix/admin users. Moreover, if you create any user on a CVM, that user will be deleted by the upgrade process next time you upgrade the AOS.
Thanks everyone for your response, I will update the same to the customer.
I hope you're well.
I too am working with a customer who uses CyberArk and we've had this discussion too!
In the end we agreed to use cluster lockdown and a managed ssh key (private held only within CyberArk) that is brokered on the user requesting behalf. We did raise this with Nutanix and CyberArk too so it will be on their radar.
It's not great and it is something I feel Nutanix could improve upon but it should be quite rare for BAU teams to need to log in via SSH unless investigating a problem.
Prism Pro is plenty helpful for most BAU tasks.
All the services are running under nutanix / admin users , creating any other user is useless.
Already have an account? Login
Enter your username or e-mail address. We'll send you an e-mail with instructions to reset your password.
Sorry, we're still checking this file's contents to make sure it's safe to download. Please try again in a few minutes.
Sorry, our virus scanner detected that this file isn't safe to download.