Knowledge Search


×
 

SRX Getting Started - Configure Admin User

  [KB16657] Show Article Properties


Summary:

This article describes how to set the password for the root user and create a new admin user.

For other topics, go to the SRX Getting Started main page.

Symptoms:
  • Set the root user password
  • Use predefined login classes
  • Create a new admin user
Cause:

Solution:

This section contains the following:


Overview

When you first log in as the root user, you log in with no password. After logging in, you should configure the root (super-user) password. You can configure a plain-text password, or you can configure SSH RSA keys and SSH DSA keys to authenticate root logins. To configure the root user password with SSH RSA keys and SSH DSA keys, see the Chapter 5 references in Technical Documentation.

Junos OS software has predefined login classes that you assign to all users:
  • Operator
  • Read-only
  • Super-user
  • Unauthorized
Use login classes to define the access privileges and commands that users can specify. For more information, see Understanding Junos OS Access Privilege Levels.

J-Web Configuration

Setting the Root User Password

To set the root user password with a plain-text password:
  1. Select Configure>System Properties>System Identity.
  2. Click Edit.
  3. In the Root password box, type the password for the root user.
  4. In the Confirm password box, type the root password again.
  5. Click OK.
  6. Click Commit to commit the password change before attempting to commit future configuration changes.
Using Predefined Login Classes

You can apply a login class when creating a new user account or to an existing user account. For an example of applying a login class when creating a new user, see KB16657 - Configure Admin User.

To apply a login class to an existing user account:
  1. Select Configure>System Properties>User Management.
  2. Click Edit.
  3. In the Edit User Management dialog box, select a username, and click Edit.
  4. In the Login class list, select the level of permission for executing commands for the user.
  5. Click OK.
  6. In the Edit User Management dialog box, click OK.

Creating a New Admin User

To create a new admin user with super-user privileges:
  1. Select Configure>System Properties>User Management.
  2. Click Edit.
  3. In the Edit User Management dialog box, click Add.
  4. In the User name box, type the username of the user (for example, jlee).
  5. In the Password box, type the password for the user.
  6. In the Confirm password box, type the user password again.
  7. In the Login class list, select the level of permission for executing commands for the user (in this example, super-user).
  8. Click OK.
  9. In the Edit User Management dialog box, click OK.
If you are finished configuring the device, click Commit to commit the configuration.

CLI Configuration

Setting the Root User Password

To set the root user password with a plain-text password:
  1. In configuration mode, enter the following command:

  2. user@host# set system root-authentication plain-text-password

  3. Enter the password for the root user. The password does not appear as you type.

  4. New password:

  5. Enter the password again for confirmation. The password does not appear as you type.

  6. Retype new password:

  7. Commit the password change.

  8. user@host# commit

Using Predefined Login Classes

You can review the available login classes by using the following command:

user@host# set system login user labuser class ?
Possible completions:
<class> Login class
operator permissions [ clear network reset trace view ]
read-only permissions [ view ]
super-user permissions [ all ]
unauthorized permissions [ none ]


In the following example, you apply the operator login class to the user with the username of csmith:

user@host# set system login user csmith class operator

Creating a New Admin User


To create a new admin user, create a login user with super-user privileges:
  1. Create a user account named jlee, which has super-user privileges.

  2. user@host# set system login user jlee class super-user authentication plain-text-password

  3. Enter the password for the user, and enter the password again. The password does not appear as you type.
New password:
Retype new password:
For information about configuring user accounts and access privileges, see the Chapter 6 references in Technical Documentation. For information about RADIUS system authentication, see Example: Configuring a RADIUS Server for System Authentication or the SRX Getting Started main page.

Technical Documentation

Junos Software System Basics Configuration Guide

Verification

To review root user password information, use the following command in configuration mode:

user@host# show system root-authentication
encrypted-password "$1$q5WcB7zc$vOapLqVfMW2Ol2FGDEBQT."; ## SECRET-DATA


To review user account information, use the following command in configuration mode:

user@host# show system login
user jlee {
    uid 2001;
    class super-user;
    authentication {
        encrypted-password "$1$t4bXb8QN$.9IAxGMSOw9d/FiMXJPNm0"; ## SECRET-DATA
    }
}

Related Links: