Support Support Downloads Knowledge Base Case Manager My Juniper Community

Knowledge Base

Search our Knowledge Base sites to find answers to your questions.

Ask All Knowledge Base Sites All Knowledge Base Sites JunosE Defect (KA)Knowledge BaseSecurity AdvisoriesTechnical BulletinsTechnotes Sign in to display secure content and recently viewed articles

SRX Getting Started - Configure Admin User

0

0
Article ID: KB16657 KB Last Updated: 21 Feb 2020Version: 6.0 Summary:

This article describes how to set the password for the root user and create a new admin user.

For other topics, go to the SRX Getting Started main page.

Symptoms:
  • Set the root user password
  • Use predefined login classes
  • Create a new admin user
Solution:

This section contains the following:

 

Overview

When you first log in as the root user, you log in with no password. After logging in, you should configure the root (super-user) password. You can configure a plain-text password, or you can configure SSH RSA keys and SSH DSA keys to authenticate root logins. To configure the root user password with SSH RSA keys and SSH DSA keys, see the Chapter 5 references in Technical Documentation.

Junos OS software has predefined login classes that you assign to all users:
  • Operator
  • Read-only
  • Super-user
  • Unauthorized
Use login classes to define the access privileges and commands that users can specify. For more information, see Understanding Junos OS Access Privilege Levels.
 

J-Web Configuration

Setting the Root User Password

To set the root user password with a plain-text password:
  1. Select Configure>System Properties>System Identity.
  2. Click Edit.
  3. In the Root password box, type the password for the root user.
  4. In the Confirm password box, type the root password again.
  5. Click OK.
  6. Click Commit to commit the password change before attempting to commit future configuration changes.
Using Predefined Login Classes

You can apply a login class when creating a new user account or to an existing user account. For an example of applying a login class when creating a new user, see KB16657 - Configure Admin User.

To apply a login class to an existing user account:
  1. Select Configure>System Properties>User Management.
  2. Click Edit.
  3. In the Edit User Management dialog box, select a username, and click Edit.
  4. In the Login class list, select the level of permission for executing commands for the user.
  5. Click OK.
  6. In the Edit User Management dialog box, click OK.

Creating a New Admin User

To create a new admin user with super-user privileges:
  1. Select Configure>System Properties>User Management.
  2. Click Edit.
  3. In the Edit User Management dialog box, click Add.
  4. In the User name box, type the username of the user (for example, jlee).
  5. In the Password box, type the password for the user.
  6. In the Confirm password box, type the user password again.
  7. In the Login class list, select the level of permission for executing commands for the user (in this example, super-user).
  8. Click OK.
  9. In the Edit User Management dialog box, click OK.
If you are finished configuring the device, click Commit to commit the configuration.
 

CLI Configuration

Setting the Root User Password

To set the root user password with a plain-text password:
  1. In configuration mode, enter the following command:

  2. user@host# set system root-authentication plain-text-password



    3.  
  3. Enter the password for the root user. The password does not appear as you type.

  4. New password:



    5.  
  5. Enter the password again for confirmation. The password does not appear as you type.

  6. Retype new password:



    7.  
  7. Commit the password change.

  8. user@host# commit


    9.  

Using Predefined Login Classes

You can review the available login classes by using the following command:

user@host# set system login user labuser class ?
Possible completions:
<class> Login class
operator permissions [ clear network reset trace view ]
read-only permissions [ view ]
super-user permissions [ all ]
unauthorized permissions [ none ]

In the following example, you apply the operator login class to the user with the username of csmith:

user@host# set system login user csmith class operator

Creating a New Admin User

To create a new admin user, create a login user with super-user privileges:
  1. Create a user account named jlee, which has super-user privileges.

  2. user@host# set system login user jlee class super-user authentication plain-text-password



    3.  
  3. Enter the password for the user, and enter the password again. The password does not appear as you type.
New password:
Retype new password:
For information about configuring user accounts and access privileges, see the Chapter 6 references in Technical Documentation. For information about RADIUS system authentication, see Example: Configuring a RADIUS Server for System Authentication or the SRX Getting Started main page.
 

Technical Documentation

Junos Software System Basics Configuration Guide

Verification

To review root user password information, use the following command in configuration mode:

user@host# show system root-authentication
'encrypted-password “$ABC123"; ## SECRET-DATA

To review user account information, use the following command in configuration mode:

user@host# show system login 
user jlee {
    uid 2001;
    class super-user;
    authentication {
        encrypted-password “$ABC123"; ## SECRET-DATA
    }
}

 

 

Modification History:
2020-02-21: Changed encrypted password to “$ABC123".
Comment on this article > Affected Products Browse the Knowledge Base for more articles related to these product categories. Select a category to begin.

Getting Up and Running with Junos

Getting Up and Running with Junos Security Alerts and Vulnerabilities Product Alerts and Software Release Notices Problem Report (PR) Search Tool EOL Notices and Bulletins JTAC User Guide Customer Care User Guide Pathfinder SRX High Availability Configurator SRX VPN Configurator Training Courses and Videos End User Licence Agreement Global Search