Support User Manuals

Enterasys Networks XSR CLI Router User Manual

Open as PDF

of 684

General Network Management Commands

XSR CLI Reference Guide 1-13

username

Thiscommandaddsauser,privilegelevel,password,andencryptiontypeforthoseaccessingthe

XSR.Assigningprivilegelevelsletsyoucontrolwhichuserscanmanageselectiveresources.The

usernamecommandcanalsobeusedinconjunctionwiththeprivilegecommandtoassociate

usernameswithparticularconfigurationmodes.Forexample,ifconfiguringT1/E1requiresthata

userhaveaprivilegelevelof6orhigher,anyuserwithaprivilegeof5orlowerwouldbe

prohibitedfromconfiguringtheT1/E1controller.

Admin/Administrative Users

Thereisaspeciallevel15usercalledadminforwhichyoucansetapasswordbyspecifyingadmin

nameasauser.Thedefaultpasswordforadminisnull(thatis,thezerolengthstring““).

Anyuserwithaprivilegeof15isconsideredanadministrator.Inatleast

oneofthefivepermitted

Telnet/SSHsessions,anadministrativeusermustbelogged.Ifthefirstfoursessionsareinuseby

regularusers,thenthefifthsessionwillonlyallowanadministratortologin,otherwiseanyuser

canlogintothefifthsession.Ifoneofthefirstfoursessions

hasanadministratorloggedin

already,thenthefifthsessioncanbeanyuser.Thisruleismeanttoensurethattheadministrator

canalwayslogin.

The

show running-configcommanddisplaysuserinformation.Bycontrast,consulttheaaa

client

commandwhichconfiguresauserwithAAAsecuritybytheXSRauthentication

database.

Syntax

username name [privilege level] password {cleartext | secret type} password

Syntax of the “no” Form

Thenoformofthiscommanddeletesauser.Ifnouserexists,thecommand willbeignored.Also,

thiscommandwillremovetheadminuserprovideditisissuedbyanotheradministrator.

no username name

Caution: We recommend that you add no more than 3000 users due to a size limit for the the

user.dat file. Also, we suggest keeping usernames and passwords as short as possible to avoid

breaching the 200 Kbyte limit.

name

UserID.

privilege

Associatesaprioritylevelwiththisuser.

level

Priorityassociatedwiththisuser,rangingfrom0to15(highest).Iftheprivilege

ischangedwhiletheXSRisbeingset,thechangeoccursimmediately.

password

Associatesapasswordwiththisusername.

cleartext

Passwordwillnotbeencrypted.

secret

Passwordwillbeencrypted.

type

0indicatesthepasswordisexpectedtobeunencrypted,5indicatestheinput

passwordisexpectedtobeencryptedalready,soitwillnotbeencryptedagain.

password

ThepasswordassociatedwiththespecifieduserID.Usersarestoredinthe

startup-configfile.

Ifyouchooseasecretpasswordwithanoptionalparameterof5,thenyoumust

providethepasswordinencryptedform.

previous next