From 3a64047c2f1b6279de4b1ada7e87aa5c871f5604 Mon Sep 17 00:00:00 2001 From: Christian Poessinger Date: Sun, 2 Feb 2020 18:40:14 +0100 Subject: ogin: user: radius: T1948: use discrete configuration for each system Split combined XML/Python code to individual code for local user accounts and RADIUS authenticated accounts. --- interface-definitions/system-login-radius.xml.in | 67 +++++++++ interface-definitions/system-login-user.xml.in | 121 ++++++++++++++++ interface-definitions/system-login.xml.in | 177 ----------------------- 3 files changed, 188 insertions(+), 177 deletions(-) create mode 100644 interface-definitions/system-login-radius.xml.in create mode 100644 interface-definitions/system-login-user.xml.in delete mode 100644 interface-definitions/system-login.xml.in (limited to 'interface-definitions') diff --git a/interface-definitions/system-login-radius.xml.in b/interface-definitions/system-login-radius.xml.in new file mode 100644 index 000000000..00e85db3e --- /dev/null +++ b/interface-definitions/system-login-radius.xml.in @@ -0,0 +1,67 @@ + + + + + + + + + RADIUS based user authentication + + + + + RADIUS client source address + + ipv4 + TFTP IPv4 listen address + + + + + + + + + RADIUS server configuration + + + + + RADIUS shared secret key + + + + + RADIUS authentication port + + 1-65535 + Numeric IP port (default: 1812) + + + + + + + + + Timeout for RADIUS session + + 1-30 + Session timeout in seconds (default: 2) + + + + + Timeout must be between 1 and 30 seconds + + + + + + + + + + + diff --git a/interface-definitions/system-login-user.xml.in b/interface-definitions/system-login-user.xml.in new file mode 100644 index 000000000..970bcf799 --- /dev/null +++ b/interface-definitions/system-login-user.xml.in 
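Review bot: The value help for the RADIUS client source address reads `TFTP IPv4 listen address`, which looks like a leftover from another definition and was carried over unchanged from the deleted system-login.xml.in. RADIUS servers commonly match a client to its shared secret by source IP, so the text shown at this node should describe that role, for example `IPv4 address used as source for RADIUS requests`. The element markup is not visible in this rendering, so it cannot be checked here whether the shared secret key node carries any constraint or format hint; worth confirming while the file is being split out.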
@@ -0,0 +1,121 @@ + + + + + + + User Login + 400 + + + + + User account information + + [a-zA-Z0-9\-_\.]{1,100} + + Username contains illegal characters or\nexceeds 100 character limitation. + + + + + Password authentication + + + + + Encrypted password + + (\*|\!) + [a-zA-Z0-9\.\/]{13}$ + \$1\$[a-zA-Z0-9\./]*\$[a-zA-Z0-9\./]{22} + \$5\$[a-zA-Z0-9\./]*\$[a-zA-Z0-9\./]{43} + \$6\$[a-zA-Z0-9\./]*\$[a-zA-Z0-9\./]{86} + + Invalid encrypted password for $VAR(../../@). + + + + + + Plaintext password used for encryption + + + + + Remote access public keys + + >identifier< + Key identifier used by ssh-keygen (usually of form user@host) + + + + + + Public key value (base64-encoded) + + + + + + + + Optional public key options + + + + + + + ssh-dss ssh-rsa ecdsa-sha2-nistp256 ecdsa-sha2-nistp384 ecdsa-sha2-nistp521 ssh-ed25519 + + + ssh-dss + + + + ssh-rsa + + + + ecdsa-sha2-nistp256 + + + + ecdsa-sha2-nistp384 + + + + ssh-ed25519 + + + + (ssh-dss|ssh-rsa|ecdsa-sha2-nistp256|ecdsa-sha2-nistp384|ecdsa-sha2-nistp521|ssh-ed25519s) + + + + + + + + + + Full name of the user (use quotes for names with spaces) + + [^:]*$ + + Cannot use ':' in full name + + + + + Home directory + + + + + + + + + diff --git a/interface-definitions/system-login.xml.in b/interface-definitions/system-login.xml.in deleted file mode 100644 index 6e990290d..000000000 --- a/interface-definitions/system-login.xml.in +++ /dev/null 
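Review bot: The key type pattern ends in `ssh-ed25519s`; the trailing `s` looks like a typo, and if the validator anchors the pattern, `ssh-ed25519` keys would be rejected even though the completion list offers them. Suggest `(ssh-dss|ssh-rsa|ecdsa-sha2-nistp256|ecdsa-sha2-nistp384|ecdsa-sha2-nistp521|ssh-ed25519)`. The per-value help entries also skip `ecdsa-sha2-nistp521`, which both the completion list and the pattern include. Separately, the encrypted password patterns still accept 13-character DES and `$1$` MD5 crypt strings, and the key types still include `ssh-dss`; these were moved as-is from system-login.xml.in, so a comment saying they are kept for compatibility, or a follow-up to drop them, would make the intent clear. The XML markup is not visible in this rendering, so the anchoring of each pattern could not be checked.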
@@ -1,177 +0,0 @@ - - - - - - - User Login - 400 - - - - - RADIUS based user authentication - - - - - RADIUS client source address - - ipv4 - TFTP IPv4 listen address - - - - - - - - - RADIUS server configuration - - - - - RADIUS shared secret key - - - - - RADIUS authentication port - - 1-65535 - Numeric IP port (default: 1812) - - - - - - - - - Timeout for RADIUS session - - 1-30 - Session timeout in seconds (default: 2) - - - - - Timeout must be between 1 and 30 seconds - - - - - - - - - User account information - - [a-zA-Z0-9\-_\.]{1,100} - - Username contains illegal characters or\nexceeds 100 character limitation. - - - - - Password authentication - - - - - Encrypted password - - (\*|\!) - [a-zA-Z0-9\.\/]{13}$ - \$1\$[a-zA-Z0-9\./]*\$[a-zA-Z0-9\./]{22} - \$5\$[a-zA-Z0-9\./]*\$[a-zA-Z0-9\./]{43} - \$6\$[a-zA-Z0-9\./]*\$[a-zA-Z0-9\./]{86} - - Invalid encrypted password for $VAR(../../@). - - - - - - Plaintext password used for encryption - - - - - Remote access public keys - - >identifier< - Key identifier used by ssh-keygen (usually of form user@host) - - - - - - Public key value (base64-encoded) - - - - - - - - Optional public key options - - - - - - - ssh-dss ssh-rsa ecdsa-sha2-nistp256 ecdsa-sha2-nistp384 ecdsa-sha2-nistp521 ssh-ed25519 - - - ssh-dss - - - - ssh-rsa - - - - ecdsa-sha2-nistp256 - - - - ecdsa-sha2-nistp384 - - - - ssh-ed25519 - - - - (ssh-dss|ssh-rsa|ecdsa-sha2-nistp256|ecdsa-sha2-nistp384|ecdsa-sha2-nistp521|ssh-ed25519s) - - - - - - - - - - Full name of the user (use quotes for names with spaces) - - [^:]*$ - - Cannot use ':' in full name - - - - - Home directory - - - - - - - - - -- cgit v1.2.3