diff options
author | Christian Poessinger <christian@poessinger.com> | 2018-10-03 15:07:38 +0200 |
---|---|---|
committer | Christian Poessinger <christian@poessinger.com> | 2018-10-03 15:07:38 +0200 |
commit | e02c3a1fb4fe39956c44ac611d7820fd730a047f (patch) | |
tree | f8195045168bdca8a6dfbc22d787b8296f8a29d2 /docs/ch12-system.rst | |
parent | 2022dd397eb6612f44d1e0c5b548b4ccaceb8a2c (diff) | |
download | vyos-documentation-e02c3a1fb4fe39956c44ac611d7820fd730a047f.tar.gz vyos-documentation-e02c3a1fb4fe39956c44ac611d7820fd730a047f.zip |
Add System chapter
Diffstat (limited to 'docs/ch12-system.rst')
-rw-r--r-- | docs/ch12-system.rst | 68 |
1 files changed, 68 insertions, 0 deletions
diff --git a/docs/ch12-system.rst b/docs/ch12-system.rst new file mode 100644 index 00000000..5458f2e6 --- /dev/null +++ b/docs/ch12-system.rst @@ -0,0 +1,68 @@ +System +====== + +System Users +------------ + +VyOS supports two levels of users: admin and operator. + +The operator level restricts a user to operational commands and prevents +changes to system configuration. This is useful for gathering information +about the state of the system (dhcp leases, vpn connections, routing tables, +etc...) and for manipulating state of the system, such as resetting +connections, clearing counters and bringing up and taking down connection +oriented interfaces. + +The admin level has all of the capabilities of the operator level, plus the +ability to change system configuration. The admin level also enables a user +to use the sudo command, which essentially means the user has root access to +the system. + +Creating Login User Accounts +^^^^^^^^^^^^^^^^^^^^^^^^^^^^ + +Create user account `jsmith`, with `admin` level access and the password +`mypassword` + +.. code-block:: sh + + set system login user jsmith full-name "Johan Smith" + set system login user jsmith authentication plaintext-password mypassword + set system login user jsmith level admin + +The command: + +.. code-block:: sh + + show system login + +will show the contents of :code:`system login` configuration node: + +.. code-block:: sh + + user jsmith { + authentication { + encrypted-password $6$0OQHjuQ8M$AYXVn7jufdfqPrSk4/XXsDBw99JBtNsETkQKDgVLptXogHA2bU9BWlvViOFPBoFxIi.iqjqrvsQdQ./cfiiPT. + plaintext-password "" + } + full-name "Johan Smith" + level admin + } + +SSH Access using Shared Public Keys +^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ + +The following command will load the public key `dev.pub` for user `jsmith` + +.. code-block:: sh + + loadkey jsmith dev.pub + +**NOTE:** This requires uploading the `dev.pub` public key to the VyOS router +first. As an alternative you can also load the SSH public key directly from a +remote system: + +.. code-block:: sh + + loadkey jsmith scp://devuser@dev001.vyos.net/home/devuser/.ssh/dev.pub + |