SecureStack User Login Settings and Limitations
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
‎12-03-2013 04:57 PM
Article ID: 9757
Products
C5, C3, C2-Series
B5, B3, B2-Series
A2-Series
Goals
Overview of the SecureStack user login settings and limitations as of December 2010.
Solution
By default there are three login accounts created on the switch: (no password).
Change the password for any account with the 'set password <account>' command:
C2(su)->set password admin
Please enter new password:4support
Please re-enter new password:4support
Password Changed.
C2(su)->
C2(su)->show system login
Password history size: 0
Password aging : disabled
Username Access State
admin super-user enabled
ro read-Only enabled
rw read-write enabled
C2(su)->
Create a new login account, or modify an existing account's access or status, with the 'set system login <username> <access> <status>' command:
C2(su)->set system login Enterasys read-write enable
C2(su)->
C2(su)->set system login Enterasys read-write enable password 4support
C2(su)->
C2(su)->clear system login Enterasys
C2(su)->
C2(su)->set system login Enterasys super-user enable password 4support
C2(su)->
C2(su)->set system login Enterasys super-user enable
C2(su)->clear system login Enterasys
Admin cannot be deleted
C2(su)->set system login Enterasys read-write enable
C2(su)->clear system login Enterasys
C2(su)->
The default "admin" account cannot be deleted or have its super-user access changed.
It can, however, be disabled with the 'set system login admin super-user disable' command (There must be at least one other user with super-user privileges before the admin user may be disabled.):
C2(su)->set system login admin read-write enable
Incorrect access for this default user.
Set was unsuccessful.
C2(su)->set system login admin super-user disable
C2(su)->
The minimum password length may be adjusted to anywhere within the range of 0-40 with the 'set system password length' command:
C2(su)->set system password length 4
C2(su)->set system login Enterasys read-write enable password 1234
C2(su)->
Force changed passwords to be non-duplicates of earlier passwords with the 'set system password history' command:
C2(su)->set system password aging 365
C2(su)->set system password history 10
C2(su)->
C2(su)->set system password aging disable
C2(su)->set system password history 0
C2(su)->
Set the system to lock an account after a number of failed login attempts with the 'set system lockout [attempts] [time ]' command:
C2(su)->set system lockout attempts 2 time 10
C2(su)->show system lockout
Lockout attempts: 2
Lockout time: 10 minutes.
C2(su)->set system lockout attempts 5
C2(su)->set system lockout time 5
C2(su)->show system lockout
Lockout attempts: 5
Lockout time: 5 minutes.
C2(su)->
C2(su)->show system login
Password history size: 0
Password aging : disabled
Username Access State
admin super-user enabled
ro read-Only disabled
rw read-write enabled
C2(su)->set system login ro read-only enable
C2(su)->
See also: 5628.
Products
C5, C3, C2-Series
B5, B3, B2-Series
A2-Series
Goals
Overview of the SecureStack user login settings and limitations as of December 2010.
Solution
By default there are three login accounts created on the switch:
- ro for read only access
- rw for read write access
- admin for administrator access
Change the password for any account with the 'set password <account>' command:
C2(su)->set password admin
Please enter new password:4support
Please re-enter new password:4support
Password Changed.
C2(su)->
- This would change the password to '4support', for the admin super-user.
C2(su)->show system login
Password history size: 0
Password aging : disabled
Username Access State
admin super-user enabled
ro read-Only enabled
rw read-write enabled
C2(su)->
Create a new login account, or modify an existing account's access or status, with the 'set system login <username> <access> <status>' command:
C2(su)->set system login Enterasys read-write enable
C2(su)->
- This would permit a user named 'Enterasys' to login using a blank password, for read-write access.
C2(su)->set system login Enterasys read-write enable password 4support
C2(su)->
- This would permit a user named 'Enterasys' to login using a password of '4support', for read-write access.
C2(su)->clear system login Enterasys
C2(su)->
- To restore a deleted account, it will need to be created again.
C2(su)->set system login Enterasys super-user enable password 4support
C2(su)->
- This would permit a user named 'Enterasys' to login using a password of '4support', for super-user access.
C2(su)->set system login Enterasys super-user enable
C2(su)->clear system login Enterasys
Admin cannot be deleted
C2(su)->set system login Enterasys read-write enable
C2(su)->clear system login Enterasys
C2(su)->
The default "admin" account cannot be deleted or have its super-user access changed.
It can, however, be disabled with the 'set system login admin super-user disable' command (There must be at least one other user with super-user privileges before the admin user may be disabled.):
C2(su)->set system login admin read-write enable
Incorrect access for this default user.
Set was unsuccessful.
C2(su)->set system login admin super-user disable
C2(su)->
The minimum password length may be adjusted to anywhere within the range of 0-40 with the 'set system password length
C2(su)->set system password length 4
C2(su)->set system login Enterasys read-write enable password 1234
C2(su)->
- The default minimum password length is 8 characters, and the maximum is 80 characters.
Force changed passwords to be non-duplicates of earlier passwords with the 'set system password history
C2(su)->set system password aging 365
C2(su)->set system password history 10
C2(su)->
- The default aging is disabled, and it can be adjusted within the range of 1-365 days.
C2(su)->set system password aging disable
C2(su)->set system password history 0
C2(su)->
Set the system to lock an account after a number of failed login attempts with the 'set system lockout [attempts
C2(su)->set system lockout attempts 2 time 10
C2(su)->show system lockout
Lockout attempts: 2
Lockout time: 10 minutes.
C2(su)->set system lockout attempts 5
C2(su)->set system lockout time 5
C2(su)->show system lockout
Lockout attempts: 5
Lockout time: 5 minutes.
C2(su)->
- The default number of attempts is 3 times, and it can be adjusted within the range of 1-15.
C2(su)->show system login
Password history size: 0
Password aging : disabled
Username Access State
admin super-user enabled
ro read-Only disabled
rw read-write enabled
C2(su)->set system login ro read-only enable
C2(su)->
See also: 5628.
0 REPLIES 0
