User management in Linux

The following sections explain how Advanced Server Access manages users on Linux servers.

Usernames

By default, Advanced Server Access creates server usernames that follow the most restrictive Linux naming conventions. Usernames can contain lowercase letters (a-z), numbers (0-9), dashes (-), and underscores (_), can't be a reserved name, and have a maximum length of 32 characters. In the event a username collision occurs, an attempt is made to differentiate between users by appending a number to the server username.

Server account permission

Server account permissions are managed at the group level. When a user belongs to multiple groups on a project, the user has a combination of all the permissions granted to the groups. See Team roles.

The server agent creates the sft-admin group that grants passwordless sudo to its members through a sudoers.d drop-in configuration file. If a user has admin permissions on the project, they'll be added to the sft-admin group, which in turn grants them the ability to use sudo.

User creation

Users are created and configured on Linux using standard tools, such as useradd and groupmod.

User and group updates

Standard tools are used to manage user and group updates, such as usermod, groupadd, and groupmod.

Deleting users

Users are deleted with userdel.