[Contents] [Prev] [Next] [Index] [Report an Error]

User Accounts for the SRC Software

User accounts provide one way for users to access the system. For each account, you define the login name for the user, properties for the user account, and authentication information. After you create an account, the software creates a home directory for the user when the user logs in to the system for the first time.

Each user has a home directory on the C Series Controller, which is created the first time that the user logs in. Home directories that have the same name as the user ID are created in the /var/home directory; for example, the home directory for a user with the user ID Chris_Bee is /var/home/Chris_Bee.

Configuration Statements for SRC User Accounts

Use the following configuration statements to configure user accounts at the [edit] hierarchy level.


            
               system login user  user-name  { 
               
               class  class;  
               
               full-name  full-name;  
               
               uid  uid;  
               
               prompt prompt;
               level (basic | normal | advanced | expert);
               complete-on-space (on | off);
               }
               system login user  user-name  authentication {
               
               plain-text-password;
               encrypted-password " password  "; 
               
               ssh-authorized-keys [ssh-authorized-keys ...];
               
               }

For detailed information about each configuration statement, see the SRC PE CLI Command Reference.

Configuring an SRC User Account

To configure a user account:

From configuration mode, access the configuration statement that configures a user account, and specify a username that identifies the user.
[edit] user@host# edit system login user user-name

The username must be unique within the system. Do not include spaces, colons, or commas in the username. For example:

[edit] user@host# edit system login user JASmith [edit system login user JASmith]

user@host#
Specify the name of the login class that defines the user’s access privilege. [edit system login user user-name]
[edit system login user user-name ] user@host# set class class

The login class is one of the login classes that you defined in the class statement at the [edit system login] hierarchy level, or one of the default classes listed in Table 7 on page 64.
Specify the user’s full name.
[edit system login user user-name ] user@host# set full-name full-name

If the full name contains spaces, enclose it in quotation marks. Do not include colons or commas. For example:

[edit system login user JASmith] user@host# set full-name “ John A. Smith”
(Optional) Specify a user identifier (UID) for the user.
[edit system login user user-name ] user@host# set uid uid

The identifier must be a number in the range 0 through 64,000 and must be unique within the system. If you do not assign a UID to a username, the software assigns one when you commit the configuration, preferring the lowest available number.

You must ensure that the UID is unique. However, it is possible to assign the same UID to different users.
(Optional) Specify a prompt that the user sees at the SRC CLI
[edit system login user user-name ] user@host# set prompt prompt
(Optional) Specify the editing level available to the user. The level determines which configuration commands are visible to the user.
[edit system login user user-name ] user@host# set level (basic | normal | advanced | expert)

where:
- basic—Minimal set of configuration statements and commands— only the statements that must be configured are visible.
- normal—Normal set of configuration statements and commands— the common and basic statements are visible.
- advanced—All configuration statements and commands, including the common and basic ones, are visible.
- expert—All configuration statements, including common, basic, and internal statements and commands used for debugging, are visible.
(Optional) Specify whether entering a space completes a command.
[edit system login user user-name ] user@host# set complete-on-space (on | off)

If you do not enter a value, complete-on-space is enabled by default.
Define the authentication methods that a user can use to log in to a C Series Controller.
See Types of Authentication for SRC User Accounts .

Display the results of the configuration.

[edit system login]
user@host# show
. . .
user JASmith {
  class network-mgmt;
  full-name "John A. Smith";
  uid 507;
  gid 100;
  authentication { 
    encrypted-password "{crypt}caZEWDaE1au0c";
  }
  level normal;
  complete-on-space on;
}

Display the results of the configuration.

[edit system login]
user@host# show
. . .
user JASmith {
  class network-mgmt;
  full-name "John A. Smith";
  uid 507;
  gid 100;
  authentication { 
    encrypted-password "{crypt}caZEWDaE1au0c";
  }
  level normal;
  complete-on-space on;
}

[Contents] [Prev] [Next] [Index] [Report an Error]