summaryrefslogtreecommitdiff
path: root/docs/ch12-system.rst
diff options
context:
space:
mode:
authorChristian Poessinger <christian@poessinger.com>2018-10-03 15:07:38 +0200
committerChristian Poessinger <christian@poessinger.com>2018-10-03 15:07:38 +0200
commite02c3a1fb4fe39956c44ac611d7820fd730a047f (patch)
treef8195045168bdca8a6dfbc22d787b8296f8a29d2 /docs/ch12-system.rst
parent2022dd397eb6612f44d1e0c5b548b4ccaceb8a2c (diff)
downloadvyos-documentation-e02c3a1fb4fe39956c44ac611d7820fd730a047f.tar.gz
vyos-documentation-e02c3a1fb4fe39956c44ac611d7820fd730a047f.zip
Add System chapter
Diffstat (limited to 'docs/ch12-system.rst')
-rw-r--r--docs/ch12-system.rst68
1 files changed, 68 insertions, 0 deletions
diff --git a/docs/ch12-system.rst b/docs/ch12-system.rst
new file mode 100644
index 00000000..5458f2e6
--- /dev/null
+++ b/docs/ch12-system.rst
@@ -0,0 +1,68 @@
+System
+======
+
+System Users
+------------
+
+VyOS supports two levels of users: admin and operator.
+
+The operator level restricts a user to operational commands and prevents
+changes to system configuration. This is useful for gathering information
+about the state of the system (dhcp leases, vpn connections, routing tables,
+etc...) and for manipulating state of the system, such as resetting
+connections, clearing counters and bringing up and taking down connection
+oriented interfaces.
+
+The admin level has all of the capabilities of the operator level, plus the
+ability to change system configuration. The admin level also enables a user
+to use the sudo command, which essentially means the user has root access to
+the system.
+
+Creating Login User Accounts
+^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+
+Create user account `jsmith`, with `admin` level access and the password
+`mypassword`
+
+.. code-block:: sh
+
+ set system login user jsmith full-name "Johan Smith"
+ set system login user jsmith authentication plaintext-password mypassword
+ set system login user jsmith level admin
+
+The command:
+
+.. code-block:: sh
+
+ show system login
+
+will show the contents of :code:`system login` configuration node:
+
+.. code-block:: sh
+
+ user jsmith {
+ authentication {
+ encrypted-password $6$0OQHjuQ8M$AYXVn7jufdfqPrSk4/XXsDBw99JBtNsETkQKDgVLptXogHA2bU9BWlvViOFPBoFxIi.iqjqrvsQdQ./cfiiPT.
+ plaintext-password ""
+ }
+ full-name "Johan Smith"
+ level admin
+ }
+
+SSH Access using Shared Public Keys
+^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+
+The following command will load the public key `dev.pub` for user `jsmith`
+
+.. code-block:: sh
+
+ loadkey jsmith dev.pub
+
+**NOTE:** This requires uploading the `dev.pub` public key to the VyOS router
+first. As an alternative you can also load the SSH public key directly from a
+remote system:
+
+.. code-block:: sh
+
+ loadkey jsmith scp://devuser@dev001.vyos.net/home/devuser/.ssh/dev.pub
+