After completing the basic system setup and the installation of all selected
software packages, provide a password for the account of the
system administrator (the
user). You can then configure your Internet access and network connection.
With a working Internet connection, you can perform an update of
the system as part of the installation. You can also configure an
authentication server for centralized user administration in a local
network. Finally, configure the hardware devices
connected to the machine.
root is the name of the superuser, the administrator of
the system. Unlike regular users, which may or may not have permission to
do certain things on the system,
root has unlimited power to do anything:
change the system configuration, install programs, and set up new hardware.
If users forget their passwords or have other problems with the system,
root can help. The
root account should only be used for system
administration, maintenance, and repair. Logging in as
root for daily work is rather risky: a
single mistake could lead to irretrievable loss of many system files.
For verification purposes, the password for
root must be entered
twice, as shown in Figure 1.12, “Setting the root Password”. Do not forget the
root password. Once entered, this
password cannot be retrieved.
|The root User|
You can now configure any network devices for a connection to the outside world, such as network cards, modems, and ISDN or DSL hardware. If you have such devices, it is a good idea to configure them now, because an Internet connection allows YaST to retrieve any available SUSE LINUX updates and include them in the installation.
To configure your network hardware at this stage, refer to Section 22.4, “Configuring a Network Connection with YaST”. Otherwise, select and click . The network hardware can also be configured after the system installation has been completed.
When you connect to a network, a firewall is started automatically on the configured interface. The firewall settings are displayed in the network configuration dialog. The configuration proposal for the firewall is updated automatically every time the configuration of the interfaces or services is modified. To adapt the automatic settings to your own preferences, click Section 18.104.22.168, “Configuring with YaST”.+ . In the new dialog, determine whether the firewall should be started. If you do not want the firewall to be started, select the appropriate option and exit the dialog. To start and configure the firewall, click for a series of dialogs similar to those described in
If you have configured an Internet connection, you can test it now. For this purpose, YaST establishes a connection to the SUSE server and checks if any product updates are available for your version of SUSE LINUX. If there are such updates, they can be included in the installation. Also, the latest release notes are downloaded. You can read them at the end of the installation.
If you do not want to test the connection at this point, selectthen . This also skips downloading product updates and release notes.
If YaST was able to connect to the SUSE servers, select whether to perform a YaST online update. If there are any patched packages available on the servers, download and install them now to fix known bugs or security issues.
|Downloading Software Updates|
The download of updates might take quite some time, depending on the bandwidth of the Internet connection and on the size of the update files.
To perform a software update immediately, select Section 2.2.3, “YaST Online Update”. This kind of update can be performed at any time after the installation. If you prefer not to update now, select then click .and click . This opens YaST's online update dialog with a list of the available patches (if any), which can be selected and loaded. To learn about the process, read
If the network access was configured successfully during the previous steps of the installation, you now have four possibilities for managing user accounts on your system.
Users are administered locally on the installed host.
This is a suitable option for stand-alone workstations. The user data is
managed by the local file
Users are administered centrally on an LDAP server for all systems in the network.
Users are administered centrally on a NIS server for all systems in the network.
SMB authentication is often used in mixed Linux and Windows networks.
If all requirements are met, YaST opens a dialog in which to select the user administration method. It is shown in Figure 1.15, “User Authentication”. If you do not have the necessary network connection, create local user accounts.
To implement the user administration via NIS, configure a NIS client in the next step. This section only describes the configuration of the client side. Configuration of a NIS server with YaST is described in Chapter 25, Using NIS.
In the following dialog, shown in Figure 1.16, “NIS Client Configuration”, first select whether the host has a static IP address or gets one via DHCP. If you select DHCP, you cannot specify a NIS domain or NIS server address, because these are provided by the DHCP server. Information about DHCP is available in Chapter 27, DHCP. If a static IP address is used, specify the NIS domain and the NIS server manually.
To search for NIS servers broadcasting in the network, check the relevant option. You can also specify several NIS domains and set a default domain. For each domain, selectto specify several server addresses or enable the broadcast function on a per-domain basis.
In the expert settings, use ypbind.to prevent other network hosts from being able to query which server your client is using. If you activate , responses from servers on unprivileged ports are also accepted. For more information, refer to the man page of
If you decide against using an authentication server for user authentication, create local users. Any data related to user accounts (name, login, password, etc.) is stored and managed on the installed system.
Linux is an operating system that allows several users to work on the same system at the same time. Each user needs a user account to log in to the system. By having user accounts, the system gains a lot in terms of security. For instance, regular users cannot change or delete files needed for the system to work properly. At the same time, the personal data of a given user cannot be modified, viewed, or tampered with by other users. Users can set up their own working environments and always find them unchanged when logging back in.
A user account can be created using the dialog shown in Figure 1.17, “Entering the Username and Password”. After entering the first name and last name, specify a username (login). Click for the system to generate a username automatically.
Finally, enter a password for the user. Reenter it for confirmation (to ensure that you did not type something else by mistake). The username tells the system who a user is and the password is used to verify this identity.
|Username and Password|
Remember both your username and the password because they are needed each time you log in to the system.
To provide effective security, a password should be between five and eight characters long. The maximum length for a password is 128 characters. However, if no special security modules are loaded, only the first eight characters are used to discern the password. Passwords are case-sensitive. Special characters like umlauts are not allowed. Other special characters (7-bit ASCII) and the digits 0 to 9 are allowed.
Two additional options are available for local users:
Checking this box sends the user messages created by the system
services. These are usually only sent to
root, the system
option is useful for the most frequently used account, because it is
highly recommended to log in as
root only in special cases.
This option is only available if KDE is used as the default desktop. It automatically logs the current user into the system when it starts. This is mainly useful if the computer is operated by only one user.
With the automatic login enabled, the system boots straight into your desktop with no authentication at all. If you store sensitive data on your system, you should not enable this option if the computer can also be accessed by others.
After completing the user authentication setup, YaST displays the release notes. Reading them is advised because they contain important up-to-date information that was not available when the manuals were printed. If you have installed update packages, you will be reading the most recent version of the release notes, as fetched from SUSE's servers.