Context Selection for Context-level Administrative User Sessions
The system comes configured with a context called
local
that you use specifically for management purposes.
The context selection process for context-level administrative users (those configured within a context) is
simplified because the management ports on the SPIO are associated only with the Local context. Therefore,
the source and destination contexts for a context-level administrative user responsible for managing the entire
system should always be the local context.
A context-level administrative user can also connect through other interfaces on the system and still have full
system management privileges.
A context-level administrative user can be created in a non-local context. These management accounts have
privileges only in the context in which they are created. This type of management account can connect directly
to a port in the context in which they belong, if local connectivity is enabled (SSHD, for example) in that
context.
For all FTP or SFTP connections, you must connect through an SPIO interface. If you SFTP or FTP as a
non-local context account, you must use the username syntax of
username@contextname
.
In release 20.0 and higher Trusted StarOS builds, FTP is not supported.
Important
The context selection process becomes more involved if you are configuring the system to provide local
authentication or work with a AAA server to authenticate the context-level administrative user.
The system gives you the flexibility to configure context-level administrative users locally (meaning that their
profile will be configured and stored in its own memory), or remotely on an AAA server. If a locally-configured
user attempts to log onto the system, the system performs the authentication. If you have configured the user
profile on an AAA server, the system must determine how to contact the AAA server to perform authentication.
It does this by determining the AAA context for the session.
ASR 5000 System Administration Guide, StarOS Release 21.1
7
System Operation and Configuration
Context Selection for Context-level Administrative User Sessions
Summary of Contents for ASR 5000
Page 26: ...ASR 5000 System Administration Guide StarOS Release 21 1 xxvi Contents ...
Page 316: ...ASR 5000 System Administration Guide StarOS Release 21 1 288 VLANs VLAN Related CLI Commands ...
Page 400: ...ASR 5000 System Administration Guide StarOS Release 21 1 372 Engineering Rules ECMP Groups ...