для Cisco Cisco Packet Data Gateway (PDG)
StarOS Security
Hidden Commands ▀
VPC-VSM System Administration Guide, StarOS Release 19 ▄
93
Hidden Commands
A Security Administrator can set a plain-text or encrypted password for access to CLI test commands. The password
value is stored in /flash along with the boot configuration information. The show configuration and save configuration
commands will never output this value.
value is stored in /flash along with the boot configuration information. The show configuration and save configuration
commands will never output this value.
Caution:
VPC-VSM requires that cli test-commands mode be enabled. Use of cli test-commands other than
those required to configure SecGW can slow system performance, drop subscribers, and/or render the system
inoperable.
inoperable.
Enabling cli test-commands Mode
The Global Configuration mode command tech-support test-commands [encrypted] password password sets an
encrypted or plain-text password for access to CLI test-commands.
encrypted or plain-text password for access to CLI test-commands.
When a test-commands password is enabled, the Global Configuration mode command cli test-commands [encrypted]
password password requires the entry of the password keyword. If the encrypted keyword is specified, the password
argument is interpreted as an encrypted string containing the password value. If the encrypted keyword is not specified,
the password argument is interpreted as the actual plain text value
password password requires the entry of the password keyword. If the encrypted keyword is specified, the password
argument is interpreted as an encrypted string containing the password value. If the encrypted keyword is not specified,
the password argument is interpreted as the actual plain text value
Important:
If tech-support test-commands password is never configured, cli-test commands will always fail.
If the password keyword is not entered for cli test-commands, the user is prompted (no-echo) to enter the password.
Also, cli hidden must be enabled by a Security Administrator to access the CLI test-commands.
Also, cli hidden must be enabled by a Security Administrator to access the CLI test-commands.
Important:
Low-level diagnostic and test commands/keywords will now be visible to a user with Administrator
or higher privilege. There is no visual indication on the CLI that the test-commands mode has been enabled.
Enabling Password for Access to CLI-test commands
The Global Configuration mode command tech-support test-commands [encrypted] password password sets an
encrypted or plain-text password for access to CLI test-commands.
encrypted or plain-text password for access to CLI test-commands.
This command sequence is shown below.
[local]host_name# config
[local]host_name(config)# tech-support test-commands [encrypted] password
password
password
[local]host_name(config)#