A practical Claude Code setup using a separate system account

Claude Code is run with most permission checks skipped, but only inside a separate user account to reduce damage if something goes wrong. The main personal account contains AWS access, Kubernetes access, SSH keys, GitHub access, customer environment files, browser logins, and email, so letting an AI tool work there would expose too much. The separate account has similar setup files and project folders, but no secrets.

It has its own SSH key for GitHub, protected by a password, while the human still handles important push and pull actions. Postgres is also separated with development and test users and databases, without admin rights. The workflow uses tmux: one window stays available for human checks, extra tests, commits, and diffs, while another window runs Claude Code.

Some add a local remote pointing to the human account’s copy, which makes it easier to pass code back and forth before sharing it publicly. The remaining concerns are Linux bugs, VM s, sudo access, and Docker, because adding the AI account to powerful groups would weaken the separation.

Key points

  • Run Claude Code from a separate user account, not the main personal account.
  • Keep secrets such as customer files, , and cloud out of the AI account.
  • Use a separate SSH key for GitHub and keep major push and pull actions under human control.
  • Give the AI account limited Postgres access for development and testing, without admin rights.
  • Be careful with sudo, Docker, VM s, and Linux risks.
Read original