Virtual TapeServer 8.0 Configuration Guide
99
Configuring User Accounts
This chapter describes how to manage and use the operating system and web interface
accounts on the VTS server.
Managing operating system accounts
By default, the following user accounts are provided for the VTS operating system (Linux):
• root
•bill
•vtsa
The first time you log in to the VTS operating system using one of these usernames, you are
prompted to change the password. An acceptable password must comprise eight characters,
including one numeric character, one uppercase character, one lowercase character, and one
other (non-alphanumeric) character.
If you wish to reset the root and bill accounts to the default settings, you can run the following
script (as root): /usr/local/tape/bin/ResetDefaultPasswords.bash. After running this
script, you must change the password the next time each username is used to log in.
In general, keep the following in mind when logging in to VTS:
• After five failed login attempts, the user is locked out for 60 seconds. The count is reset
when a password is successfully entered.
• Idle shell sessions terminate after two hours
Using the vtsa account
The vtsa account enables a user to perform most maintenance activities without having root
access. It is a member of the vtsmaint group, and its password must be changed after the first
login. Then, by default, the password expires every 90 days.
Note If you want to restrict access of the bill account, thereby forcing users to use vtsa and
denying access to functions that may present security vulnerabilities, refer to
Restricting access to bill on page 102.
Note the following about the vtsa account:
• Accessible by SSH
• Runs in a restricted shell
• Can “su” to other accounts