This article describes authentication paths for a user in IGA Xpress and discusses scenarios when password is different on different nodes of the cluster.

IGA Xpress 1.0.5

After installation igx user logs into IGA Xpress console effectively using native Linux authentication. It means, for example, that the password can be changed via Linux native passwd igx command. It also means that the password can be different on different nodes of the cluster. It will stay that way even if igactl sync xpress command is run.

When the password is changed via igactl passwdxp command, it creates /opt/brcm/iga/xpress_conf/auth.json file, which switches authentication from native Linux to application mode on this node. Until igactl sync xpress command is run, the other nodes will use previous authentication mode and previous passwords.

When /opt/brcm/iga/xpress_conf/auth.json file is removed, it switches authentication mode on this node from application to native Linux. It will not affect other nodes until igactl sync xpress command is run, which effectively removes /opt/brcm/iga/xpress_conf/auth.json file on other nodes and switches them to native Linux authentication. If other nodes used different passwords for this user in native Linux authentication, the passwords will be different across the cluster for this user.

Main article: IGA Xpress Authentication