Manualshelf

System information

ManualsBrandsAllied Telesis ManualsComputer equipmentAT-2501 Series
11121314151617181920
1-12 AR Series Router Reference Manual
Software Release 2.0.1
C613-03018-00 REV A
The CREATE CONFIG command on page 1-49 writes the MD5 digest, not the
cleartext, of passwords in commands to the configuration file. When a configuration
script is executed the command processor can determine whether the password value is
cleartext or an MD5 digest.
If the file name specified is
boot.cfg
, or the file is set as the boot script using
the SET CONFIG command on page 1-80, the modified configuration will
automatically be restored after a restart or power cycle. If another name is
specified, the configuration can be restored after a restart or power cycle using
the command:
ACTIVATE SCRIPT=filename
User Authentication Facility
The User Authentication Facility (UAF) controls access to the router’s command
prompt, asynchronous services and dialup services via a login name and
password. A user will be prompted to enter a login name and password when:
The user attempts to access the router’s command prompt via a terminal
connected directly to an asynchronous port set to SECURE mode.
The user attempts to access the router’s command prompt via a Telnet
connection.
The user attempts to access a dialup service via an asynchronous modem
connected to an asynchronous port.
The user enters the LOGIN command on page 1-73.
The UAF prompts the user for a login name and password (Figure 1-2 on
page 1-12). The user must enter appropriate responses, pressing [Return] after
each response. Characters entered at the password prompt are not echoed to
the screen, for security reasons.
Figure 1-2: A typical login session for user BRUCE on router CMD.
If the user enters an invalid login name or password, the sequence is repeated a
set number of times. If a valid login name and password has still not been
entered the terminal or Telnet session is locked out for a period of time. During
this period the password prompt is withheld, preventing the user from logging
in or entering commands. The manager can specify the number of login
attempts allowed and the length of the lockout period.
The password prompt is displayed regardless of whether or not a password is required
for the login name entered by the user. This makes it more difficult for an intruder to
discover valid login name/password combinations.
CMD login: bruce
password:
CMD >