This article describes how to set the password for the root user and create a new admin user.
For other topics, go to the SRX Getting Started main page.
This section contains the following:
Overview
When you first log in as the root user, you log in with no password. After logging in, you should configure the root (super-user) password. You can configure a plain-text password, or you can configure SSH RSA keys and SSH DSA keys to authenticate root logins. To configure the root user password with SSH RSA keys and SSH DSA keys, see the Chapter 5 references in
Technical Documentation.
Junos OS software has predefined login classes that you assign to all users:
- Operator
- Read-only
- Super-user
- Unauthorized
Use login classes to define the access privileges and commands that users can specify. For more information, see
Understanding Junos OS Access Privilege Levels.
J-Web Configuration
Setting the Root User Password
To set the root user password with a plain-text password:
- Select Configure>System Properties>System Identity.
- Click Edit.
- In the Root password box, type the password for the root user.
- In the Confirm password box, type the root password again.
- Click OK.
- Click Commit to commit the password change before attempting to commit future configuration changes.
Using Predefined Login Classes
You can apply a login class when creating a new user account or to an existing user account. For an example of applying a login class when creating a new user, see
KB16657 - Configure Admin User.
To apply a login class to an existing user account:
- Select Configure>System Properties>User Management.
- Click Edit.
- In the Edit User Management dialog box, select a username, and click Edit.
- In the Login class list, select the level of permission for executing commands for the user.
- Click OK.
- In the Edit User Management dialog box, click OK.
Creating a New Admin User
To create a new admin user with super-user privileges:
- Select Configure>System Properties>User Management.
- Click Edit.
- In the Edit User Management dialog box, click Add.
- In the User name box, type the username of the user (for example, jlee).
- In the Password box, type the password for the user.
- In the Confirm password box, type the user password again.
- In the Login class list, select the level of permission for executing commands for the user (in this example, super-user).
- Click OK.
- In the Edit User Management dialog box, click OK.
If you are finished configuring the device, click
Commit to commit the configuration.
CLI Configuration
Setting the Root User Password
To set the root user password with a plain-text password:
- In configuration mode, enter the following command:
user@host#
set system root-authentication plain-text-password
- Enter the password for the root user. The password does not appear as you type.
New password:
- Enter the password again for confirmation. The password does not appear as you type.
Retype new password:
- Commit the password change.
user@host# commit
Using Predefined Login Classes
You can review the available login classes by using the following command:
user@host# set system login user labuser class ?
Possible completions:
<class> Login class
operator permissions [ clear network reset trace view ]
read-only permissions [ view ]
super-user permissions [ all ]
unauthorized permissions [ none ]
In the following example, you apply the
operator
login class to the user with the username of csmith:
user@host#
set system login user csmith class operator
Creating a New Admin User
To create a new admin user, create a login user with super-user privileges:
- Create a user account named jlee, which has super-user privileges.
user@host#
set system login user jlee class super-user authentication plain-text-password
- Enter the password for the user, and enter the password again. The password does not appear as you type.
New password:
Retype new password:
For information about configuring user accounts and access privileges, see the Chapter 6 references in
Technical Documentation. For information about RADIUS system authentication, see
Example: Configuring a RADIUS Server for System Authentication or the
SRX Getting Started main page.
Technical Documentation
Junos Software System Basics Configuration Guide
Verification
To review root user password information, use the following command in configuration mode:
user@host# show system root-authentication
'encrypted-password “$ABC123"; ## SECRET-DATA
To review user account information, use the following command in configuration mode:
user@host# show system login
user jlee {
uid 2001;
class super-user;
authentication {
encrypted-password “$ABC123"; ## SECRET-DATA
}
}