Cli_Security; Connect_Security - Bay Networks 5390 Administering

Configuration Parameters

cli_security

This asynchronous port parameter enables user authentication by the host-based ACP server for all
CLI connections. When disabled, you cannot use any Model 5390 security mechanism other than
the administrative password for CLI ports. A Y enables this parameter, an N disables it. The default
is N.
config_file
This Model 5390 parameter defines the file name for the configuration file maintained on the load
host. This file contains information about gateways, rotaries, macros, and services; it must reside
in the directory
/usr/spool/erpcd/bfs. The default file name is config.annex.

connect_security

This asynchronous port parameter enables the host-based security policy for access from the CLI
to the network (using telnet and rlogin only). If connect_security is enabled, the user must receive
authorization to connect to a host on the network. The supplied security policy scans the file /
install-directory/acp_restrict to authorize a connection to a host from the Model 5390 server. If
authorization is not granted, the connection is not made. A Y enables this parameter, an N disables
it. The default is N.
C2-18
Table C2-5. Formatting Codes for Model 5390 Prompts (continued)
Code Expansion
%u The user name defined for the port; if none, a null string.
NOTE: When cli_security is enabled, the Model 5390 server logs
PPP/SLIP logins/logouts to the acp_logfile.
893-741-B