User Access To Operating System Shell - Cisco ASR 5000 Series Administration Manual
Staros release 21.4
Hide thumbs
Also See for ASR 5000 Series:
- Product overview (992 pages) ,
- Installation manual (317 pages) ,
- Administration manual (234 pages)
Table of Contents
Advertisement
User Access to Operating System Shell
done, they could then "demote" the privileges of all the other users, thereby locking the proper administrators
out of the system.
The starLocalUserPrivilegeChanged trap indicates that a local user's privilege level has been changed.
User Access to Operating System Shell
The starOsShellAccessed trap indicates that a user has accessed the operating system shell.
Test-Commands
Users with Security Administrator or Administrator privilege can enable the display of previously hidden
test-commands. The CLI test-commands mode displays new command keywords for existing commands, as
well as new commands.
Caution
CLI test-commands are intended for diagnostic use only. Access to these commands is not required during
normal system operation. These commands are intended for use by Cisco TAC personnel only. Some of
these commands can slow system performance, drop subscribers, and/or render the system inoperable.
Enabling cli test-commands Mode
To enable access to test-commands, a Security Administrator must log into the Global Configuration mode
and enter cli hidden.
This command sequence is shown below.
[local]
[local]
[local]
By default cli hidden is disabled.
Important
Enabling Password for Access to CLI-test commands
A Security Administrator can set a plain-text or encrypted password for access to CLI test commands. The
password value is stored in /flash along with the boot configuration information. The show configuration
and save configuration commands will never output this value in plain text.
The Global Configuration mode command tech-support test-commands [encrypted] password new_password
[ old-password old_password ] sets an encrypted or plain-text password for access to CLI test-commands.
ASR 5500 System Administration Guide, StarOS Release 21.4
112
host_name
config
#
host_name
cli hidden
(config)#
host_name
(config)#
Low-level diagnostic and test commands/keywords will now be visible to a user with Administrator or
higher privilege. There is no visual indication on the CLI that the test-commands mode has been enabled.
System Security
Advertisement
Table of Contents
Troubleshooting
