Managing Login AccountsDescribes how to change your password and enable key-based authentication for gateway login accounts.Leave FeedbackIntroductionThe OpsRamp gateway has two user accounts: admin and ruser. Both accounts help in activities related to administrative, configuration, and basic troubleshooting.Administration User (admin): An admin can access the Gateway Web interface and command line interface for administration activities.These activities include credentials configuration, gateway registration, date and time change, and network settings. This account does not provide shell access to the gateway appliance.System User (ruser): An ruser can access gateway command line interface with sudo privileges to perform basic troubleshooting activities, such as accessing the gateway’s log files, ping and SNMP walk. A system user can access a gateway directly using the key-based authentication also.Changing passwordsThe default passwords for admin and ruser accounts are available from the OpsRamp Console. Navigate to Setup, Download and click Gateway to access password settings.ImportantAll users must change the default password during the first login. Passwords can be changed using the command-line interface or the gateway web interface.Command line interfaceTo change the password:Using SSH, log into the gateway’s command line interface with your username and password, .Follow the menu options to change the password.Gateway web interfaceTo change the password:From your browser, log into gateway https://<gatewayip>:5480, using your credential.Follow instructions in the web interface to change your password.ImportantAll users must change the default password during the first login.Enabling key-based authenticationKey-based authentication is allowed only for the system user. This authentication helps the ruser to log into the gateway with a private key instead of a password. A public key and a private key combination is used to authenticate the login.ImportantIf key-based authentication is enabled for the system user, then the password-based login is disabled. Passwords can be reset to the default settings.To generate a public and private key:Log into your Linux machine and open a terminal.At the shell prompt and type the following command: ssh-keygen -t rsaThe ssh-keygen program prompts you for the location of the key file.Press Enter to accept the default location.Optionally, specify a passphrase to protect your key material.Press Enter to omit the passphrase. The output of the program appears as below.Enter file in which to save the key (/Users/user1/.ssh/id_rsa): Created directory '/Users/user1/.ssh'. Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in /Users/user1/.ssh/id_rsa. Your public key has been saved in /Users/user1/.ssh/id_rsa.pub. Open the id_rsa.pub file and copy the content.Make sure to copy the public key properly without any space at the beginning or end.On Gateway web user interface:Go to the Password page.Paste the public key in the Provide Public Key box for the Appliance System user.Click Save.SuccessThe gateway is enabled with the key-based login.ImportantAlways keep your private key in a safe place to access the gateway as a system user.