Security
7705 SAR OS System Management Guide Page 39
Sample User (VSA) Configuration
The following example displays a user-specific VSA configuration. This configuration
shows attributes for users named
ruser1 and ruser2.
The following example shows that user
ruser1 is granted console access. ruser1’s home
directory is in compact flash slot 3 and is limited to the home directory. The default action
permits all packets when matching conditions are not met. The
timetra-cmd parameters
allow the user to use the
tools;telnet;configure system security commands.
Matching strings specified in the
timetra-action command are denied for this user.
The user
ruser2 is granted FTP access. The default action denies all packets when
matching conditions are not met. The
timetra-cmd parameters allow the user to use the
configure, show, and debug commands. Matching strings specified in the
timetra-action command are permitted for this user.
users.timetra
ruser1 Auth-Type := System, Password == "ruser1"
Service-Type = Login-User,
Idle-Timeout = 600,
Timetra-Access = console,
Timetra-Home-Directory = cf3:
Timetra-Restrict-To-Home = true
Timetra-Default-Action = permit-all,
Timetra-Cmd = "tools;telnet;configure system security",
Timetra-Action = deny
ruser2 Auth-Type := System, Password == "ruser2"
Service-Type = Login-User,
Idle-Timeout = 600,
Timetra-Access = ftp
Timetra-Default-Action = deny-all,
Timetra-Cmd = "configure",
Timetra-Cmd = "show",
Timetra-Action = permit,
Timetra-Cmd = "debug",
Timetra-Action = permit,
Alcatel-Lucent Dictionary
# Version: 20061003-1
VENDORAlcatel-IPD6527
# User management VSAs
ATTRIBUTE Timetra-Access1integerAlcatel-IPD
ATTRIBUTE Timetra-Home-Directory2stringAlcatel-IPD
ATTRIBUTE Timetra-Restrict-To-Home3integerAlcatel-IPD
ATTRIBUTE Timetra-Profile4stringAlcatel-IPD
ATTRIBUTE Timetra-Default-Action5integer Alcatel-IPD
ATTRIBUTE Timetra-Cmd6stringAlcatel-IPD
To Next Page
Loading...
