NSP user accounts

NSP RHEL user

An NSP component installation creates a local ‘nsp’ RHEL user group and an ‘nsp’ user in the group that owns the local NSP component processes. The nsp user has administrative control over NSP maintenance and deployment functions.

The nsp user home directory is the NSP installation base directory, /opt/nsp. The initial nsp password is randomly generated, and must be changed by the root user during the initial login attempt.

Note: NSP software uninstallation does not remove the nsp user account, user group, or home directory.

Note: root-user privileges are required only for low-level operations such as deployment functions and support intervention.

Disabling remote root access

For increased security in accordance with CIS recommendations, you can disable root-user access to the NSP deployer host and NSP cluster VMs for remote operations such as SCP and SSH. If you disable remote root access, you must specify a designated root-equivalent user and security key in the Kubernetes and NSP deployer configurations. The specified user requires sudo privileges on the NSP deployer host and on each NSP cluster VM.

NSP system administrator

A new NSP system has one user account for NSP access. The ‘admin’ user has full NSP UI and system administration privileges, and access to all NSP functions.

Note: Only the admin user, or a user with equivalent administrative privileges, has access to NSP administrative functions.