[j-nsp] SSG Admin User Help
David W. Ford
dave at proteus.net
Thu Jun 3 14:05:16 EDT 2010
If you are using a non-root account, you are not allowed to create or remove
user accounts. Only the root administrator account (named "netscreen"
unless it was changed) is allowed to create or remove admin user accounts.
If you're logged on with the root administrator account you should be able
to remove it with the unset command.
Hope that helps.
Dave
David W. Ford, CISSP
JNCI, JNCIS-SEC, JNCIS-FWV
Security Engineer
dave at proteus.net
-----Original Message-----
From: juniper-nsp-bounces at puck.nether.net
[mailto:juniper-nsp-bounces at puck.nether.net] On Behalf Of Brad Fleming
Sent: Thursday, June 03, 2010 10:57 AM
To: juniper-nsp at puck.nether.net
Subject: [j-nsp] SSG Admin User Help
Hello all,
We've gone through some sudden staff changes and I need to remove some
config from an SSG-550M running ScreenOS 6.2. I know we shouldn't have
a device with no backup; all things that will be fixed going forward.
I just want to be sure we aren't sitting wide open for remote access
on the box right now. Any help is appreciated.
Specifically, I need to remove the following:
set admin user "<<user>>" password "<<hashed pass>>" privilege "all"
set admin mail mail-addr1 "<<email>>"
I'm having trouble removing the configurations from both the CLI and
web interface. I believe my account is allowed full read-write
capabilities...
<device>-> get ssh
SSH V2 is active
SSH is enabled
SSH is ready for connections
Maximum sessions: 6
Active sessions: 1
Admin Ip Addr Vsys Auth Method Service
---------- --------------- ---------- ------------ --------
<<my usr>> <<my ip>> Root password console
_______________________________________________
juniper-nsp mailing list juniper-nsp at puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp
More information about the juniper-nsp
mailing list