Create a local user in this step. Administrating local users is a suitable option for stand-alone workstations. If setting up a client on a network with centralized user authentication, click and proceed with the Section 1.11.1, “Expert Settings”.
After entering the first name and last name, either accept the proposal or specify a new that will be used to log in. Finally, enter a password for the user. Reenter it for confirmation (to ensure that you did not type something else by mistake). To provide effective security, a password should be between five and eight characters long. The maximum length for a password is 72 characters. However, if no special security modules are loaded, only the first eight characters are used to discern the password. Passwords are case-sensitive. Special characters (7-bit ASCII) and the digits 0 to 9 are allowed. Other special characters like umlauts or accented characters are not allowed.
Passwords you enter are checked for weakness. When entering a password that is easy to guess (such as a dictionary word or a name) you will see a warning. It is a good security practice to use strong passwords.
![[Important]](admon/important.png) | Username and Password |
|---|---|
Remember both your username and the password because they are needed each time you log in to the system. | |
Three additional options are available:
If checked, the same password you have entered for the user will be used for the system administrator
root. This option is suitable for stand-alone workstations or machines in a home network that are administrated by a single user. When not checked, you are prompted for a system administrator password in the next step of the installation workflow (see Section 1.11.2, “Password for the System Administratorroot”).Checking this box sends messages created by the system services to the user. These are usually only sent to
root, the system administrator. This option is useful for the most frequently used account, because it is highly recommended to log in asrootonly in special cases.The mails sent by system services are stored in the local mailbox
/var/spool/mail/username, whereusernameis the login name of the selected user. To read e-mails after installation, you can use any e-mail client, for example KMail or Evolution.This option automatically logs the current user in to the system when it starts. This is mainly useful if the computer is operated by only one user.
![[Warning]](admon/warning.png) | Automatic Login |
|---|---|
With the automatic login enabled, the system boots straight into your desktop with no authentication at all. If you store sensitive data on your system, you should not enable this option as long as the computer can also be accessed by others. | |
Click in the Create User dialog to set up network authentication or, if present, import users from a previous installation. Also change the password encryption type in this dialog.
You can also add additional user accounts or change the user authentication method in the installed system. For detailed information about user management, see Chapter Managing Users with YaST (↑Reference).
The default authentication method is . If a former version of openSUSE or another
system using /etc/passwd is detected, you may
import local users. To do so, check and click . In
the next dialog, select the users to import and finish with
.
Access to the following network authentication services can be configured:
- LDAP
Users are administered centrally on an LDAP server for all systems in the network. More information is available in Section “Configuring an LDAP Client with YaST” (Chapter 4, LDAP—A Directory Service, ↑Security Guide).
- NIS
Users are administered centrally on an NIS server for all systems in the network. See Section “Configuring NIS Clients” (Chapter 3, Using NIS, ↑Security Guide) for more information.
- Windows Domain
SMB authentication is often used in mixed Linux and Windows networks. and Section “Configuring a Linux Client for Active Directory” (Chapter 5, Active Directory Support, ↑Security Guide).
Along with user administration via and , you can use Kerberos authentication. To use it, select . For more information on Kerberos, refer to Chapter Network Authentication with Kerberos (↑Security Guide).
If you have not chosen in the previous step, you will be prompted to
enter a Password for the System Administrator root. Otherwise this
configuration step is skipped.
root is the name of the superuser, or the administrator of the
system. Unlike regular users (who may or may not have permission to
access certain areas or execute certain commands on the system),
root has unlimited access to change the system configuration,
install programs, and set up new hardware. If users forget their
passwords or have other problems with the system, root can help.
The root account should only be used for system administration,
maintenance, and repair. Logging in as root for daily work is
rather risky: a single mistake could lead to irretrievable loss of
system files.
For verification purposes, the password for root must be entered
twice. Do not forget the root password. Once entered, this
password cannot be retrieved.
The root can be changed any time later in the installed system. To
do so run YaST and start +.
| The root User |
|---|---|
The user | |