Operating System User Security Extensions
This feature enables the administrator to configure the following additional user security extensions:
|
■
|
Maximum allowed numbers of simultaneous open sessions. |
|
■
|
Inactivity time period (days) before the OS user is locked. |
To configure these parameters, in the OS Passwords Settings menu, configure parameters according to the procedure below (see also green arrows indicating the relevant parameters to configure ).
|
➢
|
To configure operating system users security extensions: |
|
1.
|
The Change General Password Settings prompt is displayed; type n, and then press Enter. |
Do you want to change general password settings ? (y/n) n
|
2.
|
The Change password for a specific user prompt is displayed; type y, and then press Enter. |
Do you want to change password for specific user ? (y/n) y
|
3.
|
Enter the Username upon which you wish to configure, and then press Enter. |
Enter Username [acems]:
|
4.
|
The change User Password prompt is displayed; type n, and then press Enter. |
Do you want to change its password ? (y/n) n
|
5.
|
An additional Password prompt is displayed, type y, and then press Enter. |
Do you want to change its login and password properties? (y/n) y
|
6.
|
The Password Validity prompt is displayed; press Enter. |
Password Validity Max Period (days) [90]:
|
7.
|
The Password Update prompt is displayed; press Enter. |
Password Update Min Period (days) [1]:
|
8.
|
The Password Warning prompt is displayed; press Enter. |
Password Warning Max Period (days) [7]:
|
9.
|
The Maximum number of Simultaneous Open Sessions prompt is displayed; enter the number of simultaneous open SSH connections you wish to allow for this user, and then press Enter. |
Maximum allowed number of simultaneous open sessions [0]:
|
10.
|
The Inactivity Days prompt is displayed; enter the number of inactivity days before the user is locked. For example, if you’d like to suspend a specific user if they have not connected to the OVOC server for a week, enter 7 days, and then press Enter. |
Days of inactivity before user is locked (days) [0]:
OS Passwords Settings with Security Extensions
If the user attempts to open more than three SSH sessions simultaneously, they are prompted and immediately disconnected from the fourth session as displayed in the figure below.
Maximum Active SSH Sessions
By default you can connect through SSH to the OVOC server with user acems only. If you configure an inactivity days limitation on this user, the situation may arise, for example, where a user is away for an extended period and has no active user to access the OVOC server. Therefore, we strongly recommend to use this limitation very carefully and preferably to configure this option for each user to connect to the OVOC server through SSH other than with the acems user.