Modes and user’s configurations

Connect to SoodarOS

There are 3 ways of connecting to router for configuring:

Physical connection:
1. Direct connection( via monitor and keyboard)
2. Console connection( RS-232)
Remote connection:
1. SSH connection

Physical connection

The physical connection is the most privileged mode of connection. by Console connection, you don’t need any password and you have all accesses. Altough, Connecting with a keyboard and monitor requires the *Access pasword*( see section user-password-access).

Remote connection

Using well-known SSH Protocol, enabled router remote access.

Example : Having a management interface with address 192.168.1.1/24:
m@m-pc:~$ ssh admin@192.168.1.1
admin@192.168.1.1's password:

Users

Currently, only one admin user is available and it is named admin. It is the username that is used with SSH connection.

Modes

View mode Admin has access to some show commands to view state of router.
Enable mode: Admin can’t change the router’s configs. But he can enable debug commands and some more privileged commands than view mode
Config mode: Full access to router.

Passwords

SoodarOS is protected by 3 levels of passwords:

Access password
Enable password
Config password

Access password

It’s the main password to log in with the user. A person without having the access password, can’t have any access to the router( unless he is conencted via console) An admin with knowing only access password, is an admin with just view mode privilege.

password: Change access password

Enable password

Put an admin in enable mode. It is asked when admin issues enable command.

enable password PASSWORD: Set enable password

no enable password PASSWORD: Disable enable password.

Config password

Asked when admin input configure in command line to enter config mode.

enable config password PASSWORD: Set config password

no enable config password PASSWORD: Disable config password

Reset access password

In case access password is forgotten, connect to soodar via console and enter user password

user password: Reset access password. enabled when conencted through physical access.

Login Failures

Admin can ask for details of failed logins. These details are:

User name: The user which was tried to logged in to( currently just admin) Medium: Whether it was through SSH or Console Address: In case of remote login attempt, IP address of the initiator machine. Else it’s 0.0.0.0. Date: Attemption date

show login failures

Example:

soodar# show login failures
admin   ssh:notty       192.168.1.13    Thu Sep 17 09:18
admin   ssh:notty       192.168.1.13    Thu Sep 17 09:18
admin   ssh:notty       192.168.1.13    Thu Sep 17 09:18

Note

Login logs are stored only for 1 month.