Cisco Systems IPS 7.1 Home Security System User Manual


  Open as PDF
of 1042
 
4-17
Cisco Intrusion Prevention System CLI Sensor Configuration Guide for IPS 7.1
OL-19892-01
Chapter 4 Setting Up the Sensor
Configuring Authentication and User Parameters
Caution The username command provides username and password authentication for login purposes only. You
cannot use this command to remove a user who is logged in to the system. You cannot use this command
to remove yourself from the system.
If you do not specify a password, the system prompts you for one. Use the password command to change
the password for existing users. Use the privilege command to change the privilege for existing users.
The username follows the pattern ^[A-Za-z0-9()+:,_/-]+$, which means the username must start with a
letter or number, and can include any letter A to Z (capital or small), any number 0 to 9, - and _, and can
contain 1 to 64 characters. A valid password is 8 to 32 characters long. All characters except space are
allowed.
You receive the following error messages if you do not create a valid password:
Error: setEnableAuthenticationTokenStatus : The password is too short.
Error: setEnableAuthenticationTokenStatus : Failure setting the account’s password:
it does not contain enough DIFFERENT characters
Note You cannot use the privilege command to give a user service privileges. If you want to give an existing
user service privileges, you must remove that user and then use the username command to create the
service account.
To add and remove users, follow these steps:
Step 1 Log in to the CLI using an account with administrator privileges.
Step 2 Enter configuration mode.
sensor# configure terminal
Step 3 Specify the parameters for the user.
sensor(config)# username username password password privilege
administrator/operator/viewer
For example, to add the user “tester” with a privilege level of administrator and the password
“testpassword,” enter the following command:
Note If you do not want to see the password in clear text, wait for the password prompt. Do not enter
the password along with the username and privilege.
sensor(config)# username tester privilege administrator
Enter Login Password: ************
Re-enter Login Password: ************
sensor(config)#
Note If you do not specify a privilege level for the user, the user is assigned the default viewer
privilege.
Step 4 Verify that the user has been added. A list of users is displayed.
sensor(config)# exit
sensor# show users all
CLI ID User Privilege
 previous next