Cisco Cisco Expressway Maintenance Manual
3.
In the vSphere console log in with the username
pwrec
. No password is required.
4.
When prompted, select the account (root or the username of the administrator account) whose password you
want to change.
want to change.
5.
You will be prompted for a new password.
The pwrec account is only active for one minute following a reboot. After that time you will have to reboot the system
again to reset the password.
again to reset the password.
Using the Root Account
The Expressway provides a root account which can be used to log in to the Expressway operating system. This
account has a username of root (all lower case) and a default password of TANDBERG (all upper case). For security
reasons you must change the password as soon as possible. An alarm is displayed on the web interface and the CLI if
the root account has the default password set.
account has a username of root (all lower case) and a default password of TANDBERG (all upper case). For security
reasons you must change the password as soon as possible. An alarm is displayed on the web interface and the CLI if
the root account has the default password set.
Note:
the root account may allow access to sensitive information and it should not be used in normal operation, and
in particular system configuration should not be conducted using this account. Use the admin account instead.
Changing the Root Account Password
To change the password for the root account:
1.
Log in to the Expressway as root using the existing password. By default you can only do this using a serial
connection or SSH.
connection or SSH.
2.
Type the command passwd.
You will be asked for the new password.
You will be asked for the new password.
3.
Enter the new password and when prompted, retype the password.
4.
Type exit to log out of the root account.
Accessing the Root Account Over SSH
The root account can be accessed over a serial connection or SSH only.
To enable and disable access to the root account using SSH:
1.
Log in to the Expressway as root.
2.
Type one of the following commands:
—
rootaccess --ssh on
to enable access using SSH
—
rootaccess --ssh off
to disable access using SSH
3.
Type exit to log out of the root account.
If you have disabled SSH access while logged in using SSH, your current session will remain active until you log out,
but all future SSH access will be denied.
but all future SSH access will be denied.
Managing SSO tokens
Go to Users > SSO token holders to view the list of users who currently hold SSO tokens. This page can help you
troubleshoot issues related to single sign-on for a particular user.
troubleshoot issues related to single sign-on for a particular user.
You can also use this page to Purge tokens from all holders. This option is probably disruptive for your users so make
sure you need it before you proceed. You may need it, for example, if you know your security is compromised, or if you
are upgrading internal or edge infrastructure.
sure you need it before you proceed. You may need it, for example, if you know your security is compromised, or if you
are upgrading internal or edge infrastructure.
249
Cisco Expressway Administrator Guide
User Accounts