From c9eaafd9f808aba8d29be73054e11d37577e539a Mon Sep 17 00:00:00 2001 From: Christian Breunig Date: Sat, 30 Dec 2023 23:25:20 +0100 Subject: T5474: establish common file name pattern for XML conf mode commands We will use _ as CLI level divider. The XML definition filename and also the Python helper should match the CLI node. Example: set interfaces ethernet -> interfaces_ethernet.xml.in set interfaces bond -> interfaces_bond.xml.in set service dhcp-server -> service_dhcp-server-xml.in (cherry picked from commit 4ef110fd2c501b718344c72d495ad7e16d2bd465) --- interface-definitions/system-login.xml.in | 302 ------------------------------ 1 file changed, 302 deletions(-) delete mode 100644 interface-definitions/system-login.xml.in (limited to 'interface-definitions/system-login.xml.in') diff --git a/interface-definitions/system-login.xml.in b/interface-definitions/system-login.xml.in deleted file mode 100644 index be0145b4f..000000000 --- a/interface-definitions/system-login.xml.in +++ /dev/null @@ -1,302 +0,0 @@ - - - - - - - System User Login Configuration - 400 - - - - - Local user account information - - #include - - Username contains illegal characters or\nexceeds 100 character limitation. - - - - - Authentication settings - - - - - Encrypted password - - (\*|\!) - [a-zA-Z0-9\.\/]{13} - \$1\$[a-zA-Z0-9\./]*\$[a-zA-Z0-9\./]{22} - \$5\$(rounds=[0-9]+\$)?[a-zA-Z0-9\./]*\$[a-zA-Z0-9\./]{43} - \$6\$(rounds=[0-9]+\$)?[a-zA-Z0-9\./]*\$[a-zA-Z0-9\./]{86} - - Invalid encrypted password for $VAR(../../@). - - ! - - - - One-Time-Pad (two-factor) authentication parameters - - - - - Limit number of logins (rate-limit) per rate-time - - u32:1-10 - Number of attempts - - - - - Number of login attempts must me between 1 and 10 - - 3 - - - - Limit number of logins (rate-limit) per rate-time - - u32:15-600 - Time interval - - - - - Rate limit time interval must be between 15 and 600 seconds - - 30 - - - - Set window of concurrently valid codes - - u32:1-21 - Window size - - - - - Window of concurrently valid codes must be between 1 and 21 - - 3 - - - - Key/secret the token algorithm (see RFC4226) - - txt - Base32 encoded key/token - - - [a-zA-Z2-7]{26,10000} - - Key must only include base32 characters and be at least 26 characters long - - - - - - - Plaintext password used for encryption - - - - - Remote access public keys - - txt - Key identifier used by ssh-keygen (usually of form user@host) - - - - - - Public key value (Base64 encoded) - - - - - - - - Optional public key options - - - - - SSH public key type - - ssh-dss ssh-rsa ecdsa-sha2-nistp256 ecdsa-sha2-nistp384 ecdsa-sha2-nistp521 ssh-ed25519 sk-ecdsa-sha2-nistp256@openssh.com sk-ssh-ed25519@openssh.com - - - ssh-dss - Digital Signature Algorithm (DSA) key support - - - ssh-rsa - Key pair based on RSA algorithm - - - ecdsa-sha2-nistp256 - Elliptic Curve DSA with NIST P-256 curve - - - ecdsa-sha2-nistp384 - Elliptic Curve DSA with NIST P-384 curve - - - ecdsa-sha2-nistp521 - Elliptic Curve DSA with NIST P-521 curve - - - ssh-ed25519 - Edwards-curve DSA with elliptic curve 25519 - - - sk-ecdsa-sha2-nistp256@openssh.com - Elliptic Curve DSA security key - - - sk-ssh-ed25519@openssh.com - Elliptic curve 25519 security key - - - (ssh-dss|ssh-rsa|ecdsa-sha2-nistp256|ecdsa-sha2-nistp384|ecdsa-sha2-nistp521|ssh-ed25519|sk-ecdsa-sha2-nistp256@openssh.com|sk-ssh-ed25519@openssh.com) - - - - - - - - - - Full name of the user (use quotes for names with spaces) - - [^:]* - - Cannot use ':' in full name - - - - - Home directory - - txt - Path to home directory - - - \/$|(\/[a-zA-Z_0-9-.]+)+ - - - - - - #include - - - - - #include - - - Server priority - - u32:1-255 - Server priority - - - - - - 255 - - - - #include - - - - - TACACS+ based user authentication - - - - - TACACS+ server configuration - - ipv4 - TACACS+ server IPv4 address - - - - - - - #include - #include - #include - - 49 - - - - - - Security mode for TACACS+ authentication - - mandatory optional - - - mandatory - Deny access immediately if TACACS+ answers with REJECT - - - optional - Pass to the next authentication method if TACACS+ answers with REJECT - - - (mandatory|optional) - - - optional - - #include - #include - #include - - - - - Maximum number of all login sessions - - u32:1-65536 - Maximum number of all login sessions - - - - - Maximum logins must be between 1 and 65536 - - - - - Session timeout - - u32:5-604800 - Session timeout in seconds - - - - - Timeout must be between 5 and 604800 seconds - - - - - - - -- cgit v1.2.3