Junos OS

Expand all | Collapse all

Root authentication

Jump to Best Answer
  • 1.  Root authentication

     
    Posted 12-04-2018 02:17

    Hi,

     

    Should be a nice quick one....

     

    I have configured AAA authorisation for centralised administration of our Data Network and now I need to set a new root password.

     

    Strange thing is, I log on as root to configure this and I don't have access to anything, not even configuration mode.

     

    Is this due to AAA access requirement? If so, how do I get around this? Add root as a user to the group?



  • 2.  RE: Root authentication

    Posted 12-04-2018 02:37

    What is the authentication order configured? Are you able to execute "show cli authorization" command?



  • 3.  RE: Root authentication

     
    Posted 12-04-2018 02:41

    How weird is that....

     

    root@THW-SRX-01> show cli authorization
    Current user: 'remote' login: 'root' class 'read-only'
    Permissions:
    view -- Can view current values and statistics
    Individual command authorization:
    Allow regular expression: none
    Deny regular expression: none
    Allow configuration regular expression: none
    Deny configuration regular expression: none

     

    Root comes up as "read-only"....

     

    Authentication order is "radius" and then "password".... I did not think this would affect root though....



  • 4.  RE: Root authentication
    Best Answer

    Posted 12-04-2018 02:51

    I believe that you are using /etc/password for user information in your AAA server, which has root user. That is why AAA server is returning local user as "remote" for root user. You may have to fine-tune AAA config

     



  • 5.  RE: Root authentication

     
    Posted 12-04-2018 07:15

    Thanks Nellikka.

     

    I will tweak the AAA. Just to confirm, I changed the authenticaiton order to [password radius] and it worked, so it is indeed something to do with the AAA.