ProxMox

Commands

• Remove Enterprise repositories

  sed -i 's/^deb/#deb/g' /etc/apt/sources.list.d/pve-enterprise.list && echo "deb http://download.proxmox.com/debian/pve $(grep VERSION_CODENAME /etc/os-release | cut -d= -f2) pve-no-subscription" >> /etc/apt/sources.list && apt update

Notes

Photos

• Proxmox GUI Menu System

Proxmox User Management: PVE vs. PAM Realms

1. The PVE User (Virtual Web User)

Best For: Players, friends, or isolated administrative accounts.

• They exist only inside the Proxmox database.
• They cannot SSH into the physical server on Port 22.

Creation (GUI Only):

1. Datacenter > Permissions > Users > Add.
2. Enter a username and strong password.
3. CRITICAL: Set Realm to Proxmox VE authentication server.

---

2. The PAM User (Physical OS User)

Best For: Your master emergency access account.

• They are real users on the underlying Debian Linux OS.
• They can SSH directly into the bare-metal server on Port 22.

Creation (Two-Step Process):

1. CLI (The OS Level): Open the Proxmox root shell and type adduser <username>. Follow the prompts to set a password.
2. GUI (The Web Sync): Go to Datacenter > Permissions > Users > Add. Enter the exact same username.
3. CRITICAL: Set Realm to Linux PAM standard authentication. (No password needed here; Proxmox checks the Linux OS).

---

The RBAC Trap (Applies to BOTH Users) zero permissions. They will see a completely blank dashboard until you give them keys.

By default, new users have

How to grant power:

1. Datacenter > Permissions > Add > User Permission.
2. Path: / (Controls the whole datacenter. Use /vms/100 to restrict to a single VM).
3. User: Select the account you just created.
4. Role: > > * Administrator: Full hypervisor control.
   • PVEVMAdmin: Can create/destroy VMs, but can’t touch physical storage/network.
   • PVEVMUser: Can only start/stop/view existing VMs.