login

Use this command to log into the system. After you enter this command, the system requests a password. For security reasons, the password is not displayed at the terminal.

Parameters

uid (mandatory)

User ID. The system prompts the user for a valid password after entering in this ID.

Range:: azzzzzzzzzzzzzzz
1 alphabetic character followed by up to 15 alphanumeric characters

Example

login:uid=john

Dependencies

The user cannot be logged onto any terminal while changing the password.

The user ID must not be logged in to another port already, and it must not be revoked.

The user ID must have been logged in successfully within the number of days specified on the uout parameter of the ent-user command.

The OA&M IP Security Enhancements feature must be turned on before the password can be changed from a Telnet terminal (IDs 17-40) if the user is logging in with the assigned ID and password for the first time, or the password has expired.

The password can contain up to 20 characters.

The password must contain at least the number of characters specified by the minlen parameter in the chg-secu-dflt command.

The password must contain at least the number of alphabetic characters specified by the alpha parameter in the chg-secu-dflt command.

The password must contain at least the number of numeric characters specified by the num parameter in the chg-secu-dflt command.

The password must contain at least the number of punctuation characters specified by the punc parameter in the chg-secu-dflt command.

The password cannot contain the associated User ID.

The number of days specified by the minintrvl parameter in the chg-secu-dflt command must pass between password changes.

The password must contain fewer duplicate characters from the existing password than the number specified by the pchreuse parameter in the chg-secu-dflt command.

The password cannot be the same as a previous password if the limit in the password history, specified by the preuse parameter of the chg-secu-dflt command, has been reached.

The current password cannot be entered as the new password.

The values specified for the uid parameter and for the password must already exist.

Notes

The act-user command can be used in place of login. The act-user command has been provided in compliance with TL1 standards.

When a new system is shipped, the user ID and password are set to the system. These should be changed immediately to ensure system security.

At the time of login, when a password is entered for a user, only the first 20 bytes are chosen for validation.

Output

When the login command is entered, a password prompt occurs. If the password and User ID are valid, then the login is processed. When a password change is required, password rules are displayed, and a new password is requested. The login is granted if the change is successful, then or if no password change is necessary.

After login is granted, a banner is displayed. This banner consists of the warning text provided on the chg-secu-dflt command, indications about the last login, and any unsuccessful login attempts.

This example shows the output for a normal login path with no request for new password:


                login:uid=eagle


    eagle5 10-02-19 19:37:16 EST  EAGLE5 42.0.0
    User logged in on terminal 3. 
;

    eagle5 10-02-19 19:37:16 EST  EAGLE5 42.0.0
    NOTICE: This is a private computer system.
    Unauthorized access or use may lead to prosecution.
    0 LOGIN failures since last successful LOGIN
    Last successful LOGIN was on port 3 on 10-02-18 @ 20:38:26 
;

This example shows the output for a login where a password change is required:

 login:uid=user1


Enter Password : 
Enter new password (password has expired and must be changed) : 
Verify Password : 
Command Accepted - Processing
    e5oam 10-02-19 23:30:57 EST  EAGLE 47.0.0.0.0
    login:uid=user1
    Command entered at terminal #3. 
;

    e5oam 10-02-19 23:30:59 EST  EAGLE 47.0.0.0.0
    New password must contain:
      - between 8 and 20 characters
      - at least 1 alphabetic character(s) ('a'-'z')
      - at least 1 numeric character(s) ('0'-'9')
      - at least 1 punctuation character(s) (e.g. $%@#)
    New password must:
      - be unique from the old password
      - be unique from the last 2 historical password(s)
      - not reuse more than 4 character(s) from the old password 
;

The following is an example of logging when the EAGLE OA&M IP Security control feature (893400001) has a status of OFF. That Feature Control Status blocks all alarming with the use of non-secure IP protocols for FTP servers and the terminal SSH setting:

tekelecstp 16-10-24 13:31:13 EST  EAGLE 46.5.0.0.0-70.6.0
    login:uid=eagle
    Command entered at terminal #3.
;

    tekelecstp 16-10-24 13:31:17 EST  EAGLE 46.5.0.0.0-70.6.0
    User logged in on terminal 3.
;

    tekelecstp 16-10-24 13:31:17 EST  EAGLE 46.5.0.0.0-70.6.0

    Copyright (c) 1993, 2015, Oracle and/or its affiliates. All rights reserved.

    NOTICE: This is a private computer system.
    Unauthorized access or use may lead to prosecution.
    1 LOGIN failures since last successful LOGIN
    Last successful LOGIN was on port 4 on 16-10-24 @ 13:06:06

    ***WARNING: OA&M IP Security FAK-OFF, insecure access protocols not alarmed

;

4.384 login