Configuring Users

Access parameters are configured for individual users. For each user, the login name and, optionally, information that identifies the user is defined. Use the following CLI syntax to configure access parameters for users. The snmp authentication des-key keyword is not available if the 7705 SAR node is running in FIPS-140-2 mode).

CLI Syntax:

config>system>security
    user-template template-name
    user user-name
        access [ftp] [snmp] [console]
        console
            cannot-change-password
            login-exec url-prefix:source-url
            member user-profile-name [user-profile-name...(up to 8 max)]
            new-password-at-login
        home-directory url-prefix [directory] [directory/directory ..]
        password [password]
        restricted-to-home
        snmp
            authentication {[none] | [[hash] {md5 key-1 | sha key-1} privacy {none | des-key key-2 | aes-128-cfb-key key-2}]}
            group group-name

The following displays an example of the command usage.

Example:

config>system>security
config>system>security# user 49ers
config>system>security>user$ access ftp snmp console
config>system>security>user$ console
config>system>security>user>console# member default ghost	
config>system>security>user>console# new-password-at-login
config>system>security>user>console# exit
config>system>security>user# password testuser1
config>system>security>user# restricted-to-home
config>system>security>user# exit

The following example displays the user configuration:

ALU-1>config>system>security# info
----------------------------------------------
...
            user "49ers"
                password "$2y$10$siOU8NvWRzFFtJjO5wA1I.7mr.57emDXUC14p6EZtO.pmr0aqLW
Sa"
                access console ftp snmp
                restricted-to-home
                console
                    member "default"
                    member "ghost"
                exit
            exit
...
--------------------------------------------
ALU-1>config>system>security#