Configuring CLI Access Security
3-6 Using the CLI
Example
Thisexampleshowshowtodisplayloginaccountinformation.Inthiscase,devicedefaults
havenotbeenchanged:
Setting Password Policies
Onceapasswordisestablished,thedefaultpasswordpolicieslistedinTable 3‐2applyunless
configuredotherwise.
AdministratorswithSuper‐Useraccesscanusethefollowingcommandstosetpasswordageout
time,thepasswordhistorysize,andthenumberoffailedloginattemptsallowedbeforeuserlock
out.
Setting Age Out Time
Fromthesuprompt,usethefollowingcommandtoenablepasswordagingandsetthenumberof
daysuserpasswordswillremainvalidbeforeagingout,ortodisablepasswordaging.
set system password aging {days | disable}
Validdays values are1to365.
Setting History Size
Fromthesuprompt,usethefollowingcommandtosetthenumberofpreviouslyuseduserlogin
passwordsthatwillbecheckedforpasswordduplication.Thispreventsduplicatepasswords
frombeingenteredintothesystemwiththe
set passwordcommand.
set system password history size
Validsize valuesare0to10.
Matrix(su)->show system login
Password history size: 0
Password aging : disabled
Username Access State
admin super-user enabled
ro read-only enabled
rw read-write enabled
Table 3-2 Default Password Policies
Policy Device Default
Password aging Disabled
History size (number of passwords checked for
duplication)
Disabled
Lock out after failed login attempts Set to disable Read-Write and Read-Only users —
and to lockout the default Admin (Super User)
account for 15 minutes — after 3 failed login
attempts
Comments to this Manuals