Administrator Guide

ManualsBrandsDell ManualsAccess PlatformsPowerSwitch S3048-ON

741

742

743

744

745

746

747

748

749

750

○ A minimum of one special character including a space (" !"#$%&'()*+,-./:;<=>?@[\]^_`{|}~")

DellEMC)# show running-config | g root

root-access password 7 f4dc0cb9787722dd1084d17f417f164cc7f730d4f03d4f0215294cbd899614e3

Locking Access to GRUB Interface

You can configure the Dell EMC Networking OS to lock the GRUB interface using a password. If you configure a GRUB

password, the system prompts for the password when you try to access the GRUB interface.

CAUTION: After configuring the boot access password, save it to a secure location. If you forget it, you will not

be able to access the options in the startup menu. If you forget both the boot access password and the enable

password, the system may become inaccessible.

To lock the GRUB interface using a password, use the following procedure:

● Configure a GRUB password.

CONFIGURATION mode

boot-access password [encryption-type] boot-password

Enter an encryption type for the boot password.

○ 0 directs the system to store the password as clear text.

○ 7 directs the system to store the password with a dynamic salt.

When you configure the root access password, ensure that your password meets the following criteria:

○ A minimum of eight characters in length

○ A minimum of one lower case letter (a to z)

○ A minimum of one upper case letter (A to Z)

○ A minimum of one numeric character (0 to 9)

○ A minimum of one special character including a space (" !"#$%&'()*+,-./:;<=>?@[\]^_`{|}~")

If you enable the boot access password, the system prompts for a password when you access the GRUB interface.

DellEMC(conf)#boot-access password 7 Hg$7^5HMoiY%

***********************************************************************

* Warning - boot-access password will enable password protection in *

* GRUB. Keep it safe. Forgetting this password and the CLI password *

* may result in switch becoming inaccessible. *

***********************************************************************

Do you want to configure boot-access password? Proceed [yes/no]:yes

DellEMC(conf)#

Enabling User Lockout for Failed Login Attempts

You can configure the system to lock out local users for a specific period for unsuccessful login attempts.

This feature enhances the security of the switch by locking out the local user account if there are more number of unsuccessful

login attempts than what is configured using the max-retry parameter. To enable the user lock out feature, use the following

commands:

Enable the user lockout feature.

CONFIGURATION

password-attributes user-lockout-period minutes

Enter the duration in minutes.

748

Security