Bay Networks 5390 Administering page 423

To configure the Model 5390 server for a local VCLI password protection:
• Enable local security by setting the enable_security parameter to Y.
• Disable VCLI remote security by setting the vcli_security parameter to N.
• Define a password using the vcli_password parameter.
You can also use the vcli_password as a back-up to host-based security. When local VCLI password
protection is used as a back-up, the Model 5390 server first accesses the security server to validate
a CLI connection request. If no response is received from a security server, the Model 5390 server
requests the local VCLI password. The user can enter either the VCLI password or the Model 5390
administrative password.
To set up the local VCLI password for back-up security:
• Enable security by setting the enable_security parameter to Y.
• Enable VCLI security by setting the vcli_security parameter to Y.
• Define a password using the vcli_password parameter.
• Define a security server host using the pref_secure1_host, pref_secure2_host, or
security_broadcast parameter
(for example, 0.0.0.0).
• Create a password file on the security server (see Creating User Password Files on page
A15-11).
If the remote server(s) fail:
• Access is permitted only through the VCLI password.
• No access is permitted if the vcli_password parameter is not set.
893-741-B
NOTE: The show annex command does not display the value of the
vcli_password parameter. Instead, it displays "<set>" or "<unset>".
Using Model 5390 Security
A15-3