[j-nsp] Enforcing CLI Idle-Timeouts

Stacy W. Smith stacy at acm.org
Tue Jul 22 00:07:23 EDT 2008 

Defining a custom class with your specified idle-timeout and  
"permissions all" doesn't seem too cumbersome. That would be  
equivalent to the pre-defined super-user class, and I think it's your  
best bet.

--Stacy

On Jul 21, 2008, at 8:51 PM, Stefan Fouant wrote:

> I hope the only other option isn't going to mean that I have to
> configure a custom login class and assign the various CLI permissions.
> That would be a real PITA. I wish there were some way to pass this
> information off from our TACACS+ server but alas it seems that the
> junos_exec service class has very limited command shell authorizations
>
> Hopefully someone on-list has found a solution....
>
>
>
> On 7/21/08, Christian Koch <christian at broknrobot.com> wrote:
>> i tried this a while back and came across the same issue, i've yet  
>> to be
>> able to find a 'hack' since..
>>
>> christian
>>
>>
>>
>> On Mon, Jul 21, 2008 at 4:56 PM, Stefan Fouant <sfouant at gmail.com>  
>> wrote:
>>
>>> Hey Folks,
>>>
>>> Wondering if anyone knows how to enforce CLI Idle-Timeouts on  
>>> Juniper
>>> using default login classes such as Super-User.  I see that there  
>>> is a
>>> command 'idle-timeout' which can be configured under a login class,
>>> but I want to modify the default class 'super-user' which has a
>>> default of idle-timeout 0/disabled.  It does not appear that I can
>>> modify the default login classes.
>>>
>>> Anyone here ever attempt anything similar?
>>>
>>> --
>>> Stefan Fouant
>>> Principal Network Engineer
>>> NeuStar, Inc. - http://www.neustar.biz
>>> GPG Key ID: 0xB5E3803D
>>> _______________________________________________
>>> juniper-nsp mailing list juniper-nsp at puck.nether.net
>>> https://puck.nether.net/mailman/listinfo/juniper-nsp
>>>
>>
>
> -- 
> Sent from Gmail for mobile | mobile.google.com
>
> Stefan Fouant
> Principal Network Engineer
> NeuStar, Inc. - http://www.neustar.biz
> GPG Key ID: 0xB5E3803D
> _______________________________________________
> juniper-nsp mailing list juniper-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/juniper-nsp

More information about the juniper-nsp mailing list