User Access

User Access can be sub divided in two layers:

• Application User Access - explaines how to configure application login.
• Controller User Access - explaines how to configure controller login.

Configure Application User Access

The application defines three user groups, each with distinct permission levels:

• administrator – Can view, modify, and save all system parameters.
• operator – Can view and modify only input parameters.
• monitor – Has read-only access and cannot modify any parameters.

The system includes three default accounts:

• administrator, is part of the administrator group, default login password: administrator.
• operator is part of the operator group, default login password: operator.
• monitor is part of the operator group, default login password: monitor.

The configure accounts.conf section, explains how to change a default account password. Login is enabled after activation inside the config.json.

Configure accounts.conf

You can add an account or change an existing account via the accounts.conf located in the config folder. An account is created with the following format:

username:groupId password_hash

1. Replace username, by a the name of your choice.

2. The groupID defines the user access rights:

   • 3 = administrator
   • 7 = operator
   • 15 = monitor

3. Replace the password_hash to an openSSL-encoded password generated via cockpit terminal and command:

   • openssl passwd -6 myAwesomePassword
   • Fill a password of your choice for myAwesomePassword

In case you want to change a default account password, you need to use the same username and groupID, the password_hash can be replaced by the a password of your choice for example:

accounts.conf change default passwords example:

administrator:3 $6$pP7yN5SHfloRh3SO$SGzcD1HPd9bvba2mwe.x7qPNOATDtsyp9aFhsbWswQ72Hy8TuIYVpVpNixsIKqkx8O6TI.RdL7nmNJVATvhLs/
operator:7 $6$QVzv7xLJcX.Q09Xc$6MiqIvMbpOZ3EQmmxLyYEauKf1Q5dL7JTHHNYKpllkhADjaCV1TyryXZsUMjTXXfPa6axnb8n3HMpvGvf2B9b0
monitor:15 $6$tGM1ioTsUaBzv.LI$t1WQmXmCJPA5UepNsBg.40x87U.fKqscSSDmw/eAIM3r8ehGPObdIYhM5en7fbVr1l8gsjTVVH/pZwdXKVzVY/

4. You can disable the default accounts by adding the following lines to your accounts.conf:

administrator disable 
operator disable 
monitor disable

accounts.conf example disable administrator access:

administrator:3 $6$pP7yN5SHfloRh3SO$SGzcD1HPd9bvba2mwe.x7qPNOATDtsyp9aFhsbWswQ72Hy8TuIYVpVpNixsIKqkx8O6TI.RdL7nmNJVATvhLs/
operator:7 $6$QVzv7xLJcX.Q09Xc$6MiqIvMbpOZ3EQmmxLyYEauKf1Q5dL7JTHHNYKpllkhADjaCV1TyryXZsUMjTXXfPa6axnb8n3HMpvGvf2B9b0
monitor:15 $6$tGM1ioTsUaBzv.LI$t1WQmXmCJPA5UepNsBg.40x87U.fKqscSSDmw/eAIM3r8ehGPObdIYhM5en7fbVr1l8gsjTVVH/pZwdXKVzVY/
administrator disable

Now you have configured an account inside the accounts.json

Enable User Login

You can enable the user login via the config.json file. Change Login from disable to enable.

  "Server": {
    "Default": {
      "URL": "wss://*:5568:5567",
      "Direction": "listen",
      "Login": "enable",
      "Accounts": "accounts.conf"
      "Certificate": "/etc/ssl/certs/motorcortex.pem"
    }
  },

Now it is required to fill in the username and password every time you are connecting to either:

• Log in to DESK-Tool.
• Log in to [GRID-Tool]

Configure Controller User Access

The controller includes two default user accounts with different permission levels:

• admin – Has full administrative privileges, including sudo access to all system files and directories. This user can modify, save, and manage any file or configuration on the controller.
• operat – Has limited access and cannot use sudo. This user can view, copy, and edit files only within the home directory and is allowed to execute commands that do not require elevated privileges.

Change user password on your controller?

For security reasons it is highly recommended to change user password of your controller:

Change admin password

The next steps explain you, how to change the default admin password: vectioneer to a password of your choice:

1. Login to cockpit with admin credentials.

Default user name: admin
Default password: vectioneer

2. Browse to the terminal and reset admin user password:

sudo passwd admin

3. Enter password for sudo per default vectioneer,

4. Enter your new password:, after which you retype your new password:

If successful you receive the message: password update successfully. Now you can log in with admin and your new password.

Change operat password

The next steps explain you, how to change the default operat password: operat to a password of your choice:

1. Login to cockpit with admin credentials.

Default user name: admin
Default password: vectioneer

2. Browse to the terminal and reset operat user password:

sudo passwd operat

3. Enter password for sudo per default vectioneer.

4. Enter your new password:, after which you Retype your new password:

If successful you receive the message: password update successfully. Now you can log in with operat and your new password.