[j-nsp] read-only config account, "rancid" user

Malte von dem Hagen mvh at hosteurope.de
Thu Feb 4 13:27:23 EST 2010


Hi,

Am 04.02.10 18:14 schrieb matthew zeier:
> Not clear how to create a dumbed down read-only user who can just view the config.  
> 
> In a Cisco world I'd use "privilege exec level" .  In JunOS, a read-only class can't run "show configuration".
> 
> What's the nugget of info I'm missing?

system {
    login {
        class rancid {
            permissions [ secret view view-configuration ];
        }
    }
}

rgds,

Malte
-- 
Malte v. dem Hagen
Teamleitung Network Engineering & Operation
Abteilung Technik
-----------------------------------------------------------------------
Host Europe GmbH - http://www.hosteurope.de
Welserstraße 14 - 51149 Köln - Germany
Telefon: 0800 467 8387 - Fax: +49 180 5 66 3233 (*)
HRB 28495 Amtsgericht Köln - USt-IdNr.: DE187370678
Geschäftsführer:
Uwe Braun - Alex Collins - Mark Joseph - Patrick Pulvermüller

(*) 0,14 EUR/Min. aus dem dt. Festnetz, Mobilfunkpreise ggf. abweichend

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 259 bytes
Desc: OpenPGP digital signature
URL: <https://puck.nether.net/pipermail/juniper-nsp/attachments/20100204/fc74fc82/attachment.bin>


More information about the juniper-nsp mailing list