Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
 

user (Access)

Syntax

Hierarchy Level

Description

Configure access permission for individual users. Starting in Junos OS Release 18.3, the ssh-dsa hostkey algorithm is deprecated— rather than immediately removed—to provide backward compatibility and a chance to bring your configuration into compliance with the new configuration.

Options

authentication

Specify one or more authentication methods that a user can use to log in to the router or switch. You can assign multiple authentication methods to a single user.

encrypted-password

Message Digest 5 (MD5) or other encrypted authentication. Specify the MD5 or other password. You can specify only one encrypted password for each user.

CAUTION:

Do not use the encrypted-password option unless the password is already encrypted, and you are entering the encrypted version of the password.

If you accidentally configure the encrypted-password statement with a plain-text password or with blank quotation marks (" "), you will not be able to log in to the device as this user.

  • Range: You cannot configure a blank password for encrypted-password using blank quotation marks (" "). You must configure a password whose number of characters range from 1 through 128 characters and enclose the password in quotation marks.

no-public-keys

Disables ssh public key authentication for the user specified. If the no-public-keys statement is specified at the [edit system services ssh] hierarchy level, public key authentication is disabled for all users on the device.

ssh-ecdsa public-key

SSH version 2 authentication. Specify the ECDSA public key. You can specify one or more public keys for each user.

from host-list

Specify a pattern-list of allowed hosts.

ssh-ed25519 public-key

SSH version 2 authentication. Specify the ED25519 public key. You can specify one or more public keys for each user.

from host-list

Specify a pattern-list of allowed hosts.

ssh-rsa public-key

SSH version 2 authentication. Specify the RSA public key. You can specify one or more public keys for each user.

from host-list

Specify a pattern-list of allowed hosts.

class class-name

Assign a user to a login class. You must assign each user to a login class. Specify one of the classes defined at the [edit system login class] hierarchy level.

cli

Set the CLI prompt specified for a specified login user or specified login class. The prompt set for the login user has precedence.

prompt prompt

Specify the prompt string you want to see displayed in the CLI prompt.

full-name complete-name

Specify the user’s complete name. If the name contains spaces, enclose it in quotation marks. Do not include colons or commas.

uid uid-value

Numeric identifier associated with the user account, either assigned by an administrator or assigned automatically when you commit the user configuration. It is used by applications that request numeric identifiers, such as some RADIUS queries, or secure applications, such as flow-tap monitoring. This value must be unique on the router or switch.

  • Default: If you do not assign a UID to a user, the software assigns one when you commit the configuration, preferring the lowest available number.

  • Range: 100 through 64000

Required Privilege Level

admin—To view this statement in the configuration.

admin-control—To add this statement to the configuration.

Release Information

Statement introduced before Junos OS Release 7.4.

Statement no-public-keys introduced in Junos OS Release 15.1.

Statement cli introduced in Junos OS 17.3.