Terminal (Program Port/Telnet) Commands
94
NetLinx Integrated Controllers (Firmware v4)- WebConsole & Programming Guide
Terminal Commands (Cont.)
Command Description
SET SECURITY PROFILE Sets a pre-defined Security Profile (a grouped set of security settings). The Security Profile can be 
set to "none" (default setting), "Secure", or "DOD" (see below).
Note: The Security Profile can only be configured via the terminal interface of the Master's Program 
port. 
Example:
set security profile
When you press Enter, the system responds with:
Current Security Profile = 0 (none)
Enter new security profile (0=none, 1=secure, 2=DOD):
Once you enter a value and press Enter, the system responds with:
New security profile set, reboot the Master for change to fully take effect.
The three Security Profiles are described below:
None (default):
• No security is enabled and all Master interface ports are available including HTTP, HTTPS, Telnet, 
SSH, FTP and terminal access.
• Logins are not required on the Master's Web, Telnet and terminal interfaces.
• This is the default out-of-the-box configuration.
Secure:
• Unsecured interface ports are disabled including HTTP, Telnet and FTP. Only HTTPS and SSH and 
terminal user ports are available.
• All user access requires a username/password login including HTTPS, SSH and terminal.
• NetLinx/ICSP security is enabled requiring all NetLinx devices connecting with the Master to 
provide username/password authentication and encryption.
• Passwords must conform to a stricter set of requirements. They must be at least 8 characters 
long and contain at least one upper and one lower case alpha, one numeric and one special 
character (excluding the blankspace).
Allowed Special Characters:
The following special characters are allowed for use in User Name and Password entries:
! ” # $ % & ’ ( ) * + , - . / : ; < = > ? @ [ \ ] ^ _ ` { | } ~ 
Also allowed are any printable ASCII characters (including "space"): A-Z, a-z, 0-9.
• Passwords cannot contain back-to-back duplicate characters.
• To ensure all account passwords conform to the new standard, all existing user accounts are 
deleted and the built-in 'administrator' and 'netlinx' account passwords are set to the secure 
default of 'Amx1234!'
• Failed login attempts will force a 4 second delay before a subsequent login attempt can occur.
• Three consecutive login failures from any location will cause a 15 minute lockout for the 
specified user account.
• If a banner.txt file is present in the Master's /user directory, the text from the banner.txt file will 
be included on the Master's Web login prompt.
• All user account access will be timed out after at most 15 minutes of inactivity by the user. Any 
activity after the timeout will cause the login prompt to be displayed and login will be required to 
regain access. The inactivity timer on an SSH and terminal session will be disabled if "msg on" 
logging is active.
• All account access including successful and failed logins and logouts will be recorded in 
persistent storage. Audit records will be retained for 90 days. The current audit logs can be 
viewed via SSH or terminal sessions using the "show audit log" command. The audit log can be 
manually cleared from SSH or terminal session using the "clear audit log" command.
DoD:
DoD security profile has all of the security specifications of "secure" profile along with the 
following additional features:
• The default Web login banner text consists of the following: "This is a Department of Defense 
(DOD) computer system provided only for authorized U.S. Government use. This system may be 
monitored for all lawful purposes. All information, including personal information, placed on or 
sent over this system, may be monitored. Use of this DOD computer system, authorized or 
unauthorized, constitutes consent to monitoring of this system. Unauthorized use may subject you 
to criminal prosecution and penalties."
• The default Web login banner text can be overridden by providing a banner.txt file in the /user 
directory.
• The SSH and terminal interface will display the following banner after a successful login: "DOD 
use only! Subject to monitoring, reporting, prosecution, and penalties."