[edit system] Hierarchy Level
system {
accounting {
events [ login change-log interactive-commands ];
destination {
tacplus {
server {
server-address {
server password;
single-connection;
timeout seconds;
port port-number;
}
}
}
}
}
archival {
configuration {
transfer-interval interval;
transfer-on-commit;
archive-sites {
ftp://<username>:<password>@<host>:<port>/<url-path>;
}
}
}
authentication-order [ authentication-methods ];
backup-router address <destination destination-address>;
compress-configuration-files;
default-address-selection;
diag-port-authentication (encrypted-password "password" | plain-text-password);
domain-name domain-name;
domain-search [domain-list];
host-name host-name;
location {
altitude feet;
country-code code;
hcoord horizontal-coordinate;
lata service-area;
latitude degrees;
longitude degrees;
npa-nxx number;
postal-code postal-code;
vcoord vertical-coordinate;
}
login {
message text;
class class-name {
allow-commands "regular-expression";
allow-configuration "regular-expression";
deny-commands "regular-expression";
deny-configuration "regular-expression";
idle-timeout minutes;
permissions [ permissions ];
}
user user-name {
full-name complete-name;
uid uid-value;
class class-name;
authentication {
(encrypted-password "password" | plain-text-password);
ssh-rsa "public-key";
ssh-dsa "public-key";
}
}
}
mirror-flash-on-disk;
name-server {
address;
}
no-redirects;
no-saved-core-context;
ntp {
authentication-key key-number type type value password;
boot-server address;
broadcast <address> <key key-number> <version value> <ttl value>;
broadcast-client;
multicast-client <address>;
peer address <key key-number> <version value> <prefer>;
server address <key key-number> <version value> <prefer>;
trusted-key [ key-numbers ];
}
ports {
auxiliary {
type terminal-type;
}
console {
type terminal-type;
}
}
processes {
disk-monitoring (enable | disable);
inet-process (enable | disable) failover (alternate-media | other-routing-engine);
interface-control (enable | disable) failover (alternate-media | other-routing-engine);
mib-process (enable | disable) failover (alternate-media | other-routing-engine);
ntp (enable | disable) failover (alternate-media | other-routing-engine);
routing (enable | disable) failover (alternate-media | other-routing-engine);
snmp (enable | disable) failover (alternate-media | other-routing-engine);
watchdog (enable | disable) failover (alternate-media | other-routing-engine) timeout seconds;
}
radius-server server-address {
port number;
retry number;
secret password;
timeout seconds;
}
root-authentication {
(encrypted-password "password" | plain-text-password);
ssh-rsa "public-key";
ssh-dsa "public-key";
}
services {
finger {
<connection-limit limit>;
<rate-limit limit>;
}
ftp {
<connection-limit limit>;
<rate-limit limit>;
}
rlogin {
<connection-limit limit>;
<rate-limit limit>;
}
ssh {
root-login (allow | deny | deny-password);
protocol-version [v1 v2];
<connection-limit limit>;
<rate-limit limit>;
}
telnet {
<connection-limit limit>;
<rate-limit limit>;
}
}
static-host-mapping {
host-name {
inet [ address ];
sysid system-identifier;
alias [ alias ];
}
}
syslog {
file filename {
facility level;
archive {
files number;
size size;
(world-readable | no-world-readable);
}
}
host hostname {
facility level;
facility-override facility;
log-prefix string;
}
user (username | *) {
facility level;
}
console {
facility level;
}
archive {
files number;
size size;
(world-readable | no-world-readable);
}
}
tacplus-server server-address {
secret password;
single-connection;
timeout seconds;
}
time-zone time-zone;
} # End of [edit system] hierarchy level