HP UX 11i v2 Networking Software manual Username

username

Synopsis: The username command is used to create and manage administrative access to both CLI, GUI, and SNMP (Element Manager GUI is not supported in initial release of HP InfiniBand).

Syntax: username user password passwd <-- must be executed 1st

username user no

username user disable

username user enable

username user community-string string

username user no-community-string

username user privilege priv1 [priv2] [priv3]

user and passwd are alphanumeric strings up to 34 characters each.

The privilege argument removes all existing privileges, and replaces them with them with the new ones.

Command Modes: Global-configuration mode.

Privilege Level: Unrestricted read-write user or general read-write user (change own password only).

Usage Guidelines: The username command is used to:

Create and remove user accounts. The default CLI user accounts are guest, admin, and super. Change user password. A user with read-write access may change their own password.

Assign access levels based upon functional areas, such as Fibre Channel, Ethernet, and InfiniBand administrative areas. Access levels may be unrestricted or read-only or read-write for the various administrative areas. Unrestricted is the equivalent to the superuser.

Enable or disable the account.

Associate user accounts with SNMP community strings. This community string is also used as the password for Element Manager access (Element Manager GUI is not supported in initial release of HP InfiniBand).

The user account must be created using the password argument before any other user configuration is allowed.

The default unrestricted username for the CLI is super and the default password is super. SNMP community strings provide the user credentials necessary to access Management Information Base (MIB) objects. The default community-string assigned to the unrestricted user for the Element Manager is secret (Element Manager GUI is not supported in initial release of HP InfiniBand).

One unique community string is associated with each username and password. Community strings can be associated with a variety of privilege levels. The user must have an SNMP community string to begin an Element Manager session. If you do not want users to have SNMP access to the system, do not assign them a community string. By default, a new user account has a null or empty community string. Only the unrestricted user may view community strings (Element Manager GUI is not supported in initial release of HP InfiniBand).

Also, SNMP community strings are sent across the network in UDP packets. There is no encryption.

By default, new user accounts have read-only access. You may grant write privileges to a user for functional areas, such as InfiniBand. The privileges are:

•ib-ro (InfiniBand read-only access)

•ib-rw (InfiniBand read-write)

•unrestricted-rw (Read-write access to all network configuration commands).

Privileges are order-dependent. You must enter multiple access privileges in the order shown in the list above. When changing the privileges of an existing user, specify all the privileges allowed to the user (including re-entering existing privileges), because the privilege argument removes all existing privileges and replaces them with them with the new ones.

Administrative Commands 213