Virtual TapeServer 8.2 Configuration Guide
Table Of Contents
- Virtual TapeServer for NonStop Servers Configuration Guide
- Preface
- Introduction
- Overview of Tasks
- Reconfiguring Vaults
- Enabling Licensed Features
- Configuring Ports
- Creating and Managing VTLs and VTDs
- Enabling and Performing Tape-to-tape Exports
- Enabling and Performing Stacked Exports
- Enabling and Configuring Data Replication
- Enabling and Configuring Role Swapping
- Configuring EMS Communication
- Enabling and Configuring Data Encryption
- Creating and Managing Virtual Media
- Enabling and Configuring Scan/Cleanup
- Configuring User Accounts
- Configuring Web Interface Preferences
- Managing the VTS Server
- Troubleshooting
- Maintaining GFS for VTS
- Reinstalling and Restoring VTS
- Attaching External Devices after Initial Deployment
- TCP/IP Ports and Protocols
- Index
97
Configuring User Accounts
This chapter describes how to manage and use the operating system and web interface
accounts on the VTS server.
Managing operating system accounts
By default, the following user accounts are provided for the VTS operating system (Linux):
• root
•bill
•vtsa
The first time you log in to the VTS operating system using one of these usernames, you are
prompted to change the password. An acceptable password must comprise eight characters,
including at least one numeric character, one uppercase character, one lowercase character,
and one other (non-alphanumeric) character. Note that if you use an uppercase character as
the first character in the password or if you use a numeric character as the last, you must
provide these character types in other positions in the new password.
If you wish to reset the root and bill accounts to the default settings, you can run the following
script (as root): /usr/local/tape/bin/ResetDefaultPasswords.bash. After running this
script, you must change the password the next time each username is used to log in.
In general, keep the following in mind when logging in to VTS:
• After five failed login attempts, the user is locked out for 60 seconds. The count is reset
when a password is successfully entered.
• Idle shell sessions terminate after two hours
Using the vtsa account
The vtsa account enables a user to perform most maintenance activities without having root
access. It is a member of the vtsmaint group, and its password must be changed after the first
login. Then, by default, the password expires every 90 days.
Note If you want to restrict access of the bill account, thereby forcing users to use vtsa and
denying access to functions that may present security vulnerabilities, refer to
Restricting access to bill on page 100.
Note the following about the vtsa account:
• Accessible by SSH
• Runs in a restricted shell
• Can “su” to other accounts