This tutorial shows you how to add a local user and grant him/her password-based root access on a target host.

Key Concepts

  • How to add users (Step 2)
  • How to add roles (Step 3)
  • How to map users to roles (Step 4)
  • How to employ roles to grant access to target hosts (Steps 5-8)
  • How to connect to target hosts (Steps 9-11)

Steps

  1. Login to PrivX as superuser.


  2. Add a new local user via Settings -> Users -> Add User.

    The added user is shown in the users list.


  3. Add a new role via Settings -> Roles -> Add Role.

  4. Our local example user ttester is mapped to role Root for ttester via his username with the corresponding search string (cn=ttester). Please note Matching users: 1 on top right.

    The added role is shown in the roles list.   

  5. On Settings -> Hosts, click menu icon -> Edit on the host you want to allow connecting to.


  6. Click Add Service to add the necessary services on the target host. In this example we will add type SSH and check the SSH - Trust on first use option.


  7. Click Add Account to map the role Root for ttester onto the root account of this target host. Please note that you will need to know the root account password to complete this step.


  8. Click Save to save changes to services and accounts.

  9. To verify target host connectivity, logout as superuser and login as ttester.


  10. On Connections, click the address of the desired target host to initiate connection.


  11. User ttester is granted root access on the target host. The root account password needs not be given to gain access, it all happens thanks to PrivX magic!