[j-nsp] shell-based users
Craig Pierantozzi
tozz at bind.com
Thu Jun 30 15:40:19 EDT 2005
How bout a looking glass? I think there's lg code with
rancid? Then non-engineers don't have to get into the
router at all. Just access the lg via browser. If not
a full blown looking glass than some cgi to give them
web access to commands on the router but the access to the
router is controlled behind the scenes.
regards
http://www.shrubbery.net/rancid/
On Jun 30, 2005, at 1:26 PM, Jason Rowley wrote:
> I was asked to create a new user for non-engineers to have access to a
> few simple commands such as ping and telnet. We don't want to give
> them access to anything else, and we really don't want them exploring
> on the routers.
>
> My idea was to see if we could create a script-based menu to only give
> them access to what they need. I understand we can limit their
> permissions, but want to be able to dump them right into the script
> when they login.
>
> I thought I'd be able to add our script to /etc/shells, and create a
> user with that shell in the master.passwd, however when we do anything
> to rebuild the passwd database, something changes their shell back to
> /usr/sbin/cli.
>
> Is there anyway to do this? Or do I have to create a new login class
> and only permit them to access to shell?
>
> Thanks!
> -j
>
> _______________________________________________
> juniper-nsp mailing list juniper-nsp at puck.nether.net
> http://puck.nether.net/mailman/listinfo/juniper-nsp
>
>
More information about the juniper-nsp
mailing list