Chapter 1 Controlling CSS Access
Creating Usernames and Passwords
•password - Specifies the password is not encrypted. Use this option when you use the CLI to dynamically create users.
•password - The password. Enter an unquoted text string with no spaces and a length of 6 to 16 characters. The CSS allows all special characters in a password except for the percent sign (%).
Note If you specify the des-passwordoption, you must know the encrypted form of this password to successfully log in to the CSS. You can find the CSS encrypted password in the running configuration. To display the CSS running configuration, use the show running-configcommand (see the “Creating Usernames and Passwords” section).
•superuser - Specifies SuperUser privileges to allow a user to access SuperUser mode. If you do not enter this option, the user can only access User mode.
•dir-access- (Optional) Defines the CSS directory access privileges for the username. There are access privileges assigned to the seven CSS directories, in the following order: Script, Log, Root (installed CSS software), Archive, Release Root (configuration files), Core, and MIBs. By default, users have both read- and write-access privileges (B) to all seven directories. Administrators or technicians can use the dir-accessoption to selectively implement a set of directory access privileges for each user. Changing the access level also affects the use of the CLI commands associated with directories.
To use the dir-accessoption, you must first specify the restrict user-databasecommand to implement security restrictions for the CSS user database.
| Cisco Content Services Switch Security Configuration Guide |
1-4 | OL-5650-02 |