Difference between revisions of "CLI - User and Session"

User

The user in the CLI means a user account that can directly connect to the imRAD devices using a console or ssh.

Verifying User and Login Sessions

You can verify all user list by the show user command. The "logged-in" indicates that someone is logged in or not. The "Password Aging" is used to forcibly change the password of users periodically. You can see the below message after login when you log in with an account whose password had been changed last before the specified day(i.e. "Password aging"). In other words, we inform you to change the password of accounts every "Password aging" day. The default value of the "Password aging" is 30 days.

We recommend that you should change your password because the last time you changed your password exceeded the "Passowrd aging". Would you like to change it?(y/n):

LYSH@MyHostName# show user
user         locked   logged-in    latest                            Last password change    Password Aging
ladmin       True     True         Wed Apr 28 17:55:44 +0900 2021    Apr 23, 2021            30 days

If you enter the show session command, you can see all login sessions.

LYSH@MyHostName# show session
 18:58:08 up 86 days, 10:51,  4 users,  load average: 0.09, 0.14, 0.15
USER             TTY      FROM             LOGIN@   IDLE   JCPU   PCPU
ladmin           pts/1    192.168.0.11     Mon10    0.00s  2.56s  0.25s
ladmin           pts/2    192.168.0.11     Mon10    1:02m  0.53s  0.41s

Login History

If you enter the last command on user mode, it shows listing of last logged in users. The lastb command shows all the bad login attempts(e.g. incorrect user or password).

LYSH@MyHostName# last
ladmin pts/1        192.168.5.11     Thu May 20 10:29   still logged in
ladmin pts/0        192.168.5.11     Thu May 20 10:26   still logged in
ladmin pts/0        192.168.5.13     Tue May 18 18:03 - 18:37  (00:33)
ladmin pts/0        192.168.5.15     Tue May 18 17:04 - 17:46  (00:42)
ladmin pts/3        192.168.5.15     Tue May 18 12:19 - 15:55  (03:35)
.....

LYSH@MyHostName# lastb
adsdf    ssh:notty    192.168.5.11     Thu May 13 18:08 - 18:08  (00:00)
ladmin   ssh:notty    192.168.5.11     Thu May 13 18:03 - 18:03  (00:00)

If you enter man last or man lastb command on user mode, you can see the manual of them.

Configuring Password

You can change the password of the user by entering the user password {user} command in the configuration mode. If you execute the user password {user} command, the system will ask for the current password and new password.

LYSH@MyHostName# configure
LYSH@MyHostName(config)# user password ladmin

Disconnecting User Session

You can forcibly disconnect a user session by the disconnect tty {tty} command in the user mode. you should ensure the tty^[1] of a user session by he show session command before disconnecting a session.

LYSH@MyHostName# disconnet tty pts/2
 18:58:08 up 86 days, 10:51,  4 users,  load average: 0.09, 0.14, 0.15
USER             TTY      FROM             LOGIN@   IDLE   JCPU   PCPU
ladmin           pts/1    192.168.0.11     Mon10    0.00s  2.56s  0.25s
ladmin           pts/2    192.168.0.11     Mon10    1:02m  0.53s  0.41s

Adding User

In the configuration mode, you can create a new user. The "Password Aging" will be set to 30 days as default.

LYSH@MyHostName# configure
confiugre# user add newuser newpassword
confiugre# exit
LYSH@MyHostName# show user
user         locked   logged-in    latest                            Last password change    Password Aging
ladmin       True     True         Wed Apr 28 17:55:44 +0900 2021    Apr 23, 2021            30 days
newuser      True     False        **Never logged in**               Apr 29, 2021            30 days

Deleting User

To delete a specific user, enter the user delete {user} command in the configuration mode.
if you delete a user who is in a login state, you will fail to delete it. Therefore you must disconnect the user before deleting it.

LYSH@MyHostName# configure
confiugre# user delete newuser

lock/unlock

You can lock a user. And then you can't log in with the locked user. Also, you can unlock the locked user.

LYSH@MyHostName# configure
confiugre# user lock newuser
LYSH@MyHostName(config)# exit
LYSH@MyHostName# show user
user         locked   logged-in    latest                            Last password change    Password Aging
ladmin       True     True         Wed Apr 28 17:55:44 +0900 2021    Apr 23, 2021            30 days
newuser      True     False        **Never logged in**               Apr 29, 2021            30 days   

LYSH@MyHostName# configure
confiugre# user unlock newuser
LYSH@MyHostName(config)# exit
LYSH@MyHostName# show user
user         locked   logged-in    latest                            Last password change    Password Aging
ladmin       True     True         Wed Apr 28 17:55:44 +0900 2021    Apr 23, 2021            30 days
newuser      False    False        **Never logged in**               Apr 29, 2021            30 days

Configuring Password Aging

You can change the "Password Aging" by entering the user passwordage {age} in the configuration mode.

LYSH@MyHostName# configure
 confiugre# user passwordage 60
 LYSH@MyHostName(config)# exit
 LYSH@MyHostName# show user
 user         locked   logged-in    latest                            Last password change    Password Aging
 ladmin       True     True         Wed Apr 28 17:55:44 +0900 2021    Apr 23, 2021            60 days
 newuser      False    False        **Never logged in**               Apr 29, 2021            30 days