[j-nsp] SSG Admin User Help

David W. Ford dave at proteus.net
Thu Jun 3 14:05:16 EDT 2010


If you are using a non-root account, you are not allowed to create or remove
user accounts.  Only the root administrator account (named "netscreen"
unless it was changed) is allowed to create or remove admin user accounts.
If you're logged on with the root administrator account you should be able
to remove it with the unset command.

Hope that helps.

Dave

David W. Ford, CISSP
JNCI, JNCIS-SEC, JNCIS-FWV
Security Engineer
dave at proteus.net

-----Original Message-----
From: juniper-nsp-bounces at puck.nether.net
[mailto:juniper-nsp-bounces at puck.nether.net] On Behalf Of Brad Fleming
Sent: Thursday, June 03, 2010 10:57 AM
To: juniper-nsp at puck.nether.net
Subject: [j-nsp] SSG Admin User Help

Hello all,

We've gone through some sudden staff changes and I need to remove some  
config from an SSG-550M running ScreenOS 6.2. I know we shouldn't have  
a device with no backup; all things that will be fixed going forward.  
I just want to be sure we aren't sitting wide open for remote access  
on the box right now. Any help is appreciated.

Specifically, I need to remove the following:

set admin user "<<user>>" password "<<hashed pass>>" privilege "all"
set admin mail mail-addr1 "<<email>>"

I'm having trouble removing the configurations from both the CLI and  
web interface. I believe my account is allowed full read-write  
capabilities...

<device>-> get ssh
SSH V2 is active
SSH is enabled
SSH is ready for connections
Maximum sessions: 6
Active sessions: 1

Admin      Ip Addr         Vsys       Auth Method  Service
---------- --------------- ---------- ------------ --------
<<my usr>> <<my ip>>       Root       password     console
_______________________________________________
juniper-nsp mailing list juniper-nsp at puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp



More information about the juniper-nsp mailing list