Shell Users

What are Shell Users?

Shell users are used for SSH and SFTP access to your files and run the processes for applications that run as backend servers.

Important

Your site applications run as the shell user that owns them. This means that any application owned by a single shell user can potentially spawn proccesses to access or modify files and data for any other application belonging to that same shell user.

For this reason, we very strongly recommend that you use a separate shell user for each website or project that you operate on your Opalstack account.

Doing so will, for example, ensure that malware introduced via an outdated application cannot spread to the applications belonging to your other shell users.

Adding a Shell User

  1. Click on Applications in the dashboard sidebar.

  2. Click the button labeled "Add Shell User" in the upper-right corner of the content area. A form will appear.

  3. Use the Server dropdown list to select the server for your new shell user.

  4. Enter the desired username for your new shell user in the "Shell userame" field.

  5. Click the "Add Shell User" button to save your new shell user.

  6. The new shell user will appear in the dashboard with a progress indicator while it is being created. The indicator will disappear out when shell user is ready.

  7. The new shell user's initial password is available in the Notice Log.

Note that shell users must be unique on each server - that is, two shell users with the same name cannot exist on the same server. If, after saving your shell user, you see the error message "This username is already in use on the server", then go back to step 3 and use a different name.

Viewing API Details for Shell Users

You can view the API details for your shell users via your Opalstack dashboard.

  1. Click on Applications in the dashboard sidebar.

  2. Click the API icon (brackets) for the shell user in the upper section of the page. A window with the JSON API representation of the shell user will appear.

  3. When you are finished, click the "Close" button.

Changing a Shell User's Password

  1. Click on Applications in the dashboard sidebar.

  2. Click the password icon (a key) for your shell user in the upper section of the page. A form will appear.

  3. Click the key icon in the right column for your shell user. A form will appear.

  4. Enter your new password in the field labeled "New Password".

    Passwords must meet the following requirements:

    • Passwords must be from 10 to 64 characters in length
    • Passwords must contain 1 or more of each of the following types of characters:
      • Lowercase letters (a-z)
      • Uppercase letters (A-Z)
      • Numerals (0-9)
      • Special Characters (+-*/\.,:;!?#$%&@=^_~|<>()[]{})

  5. Enter your new password again in the field labeled "Verify Password". A purple "Change Password" button will appear.

    When you've entered identical valid passwords in both fields, the red field borders will turn black and a purple "Change Password" button will appear.

  6. Click the "Change Password" button to save your new password.

You can also change a shell user's password by executing the passwd command while logged in to a SSH session as that user.

Deleting Shell Users

Important

Deleting a shell user will delete all of the applications, files, and cron jobs owned by that shell user.

  1. Click on Applications in the dashboard sidebar.

  2. Click the delete icon (a trash bin) for your user in the right edge of the user list.

  3. A confirmation prompt will appear. Click the "Delete Shell Users" button to confirm the operation, or click the cancel button to cancel it.

  4. The dashboard will display a progress indicator while the shell user is being deleted. The indicator will disappear when the operation is complete.