Determine how you will configure passwords. You can do any or all of the following:
-
Allow the host operating system to validate users. This method provides the highest level of security and is easy to manage because it relies on the security implementation that is already in place. There are two variations: Any valid user can access one of the levels (All, Monitor, Ping), or specific users can access a specific security level. Defining specific access requires more maintenance because you must list the user names in the configuration files (serverConnect.conf and clientConnect.conf). The System Administration Guide defines methods to configure and to secure access for these files.
-
Specify unique passwords for individual users. Consider this method only when there are very few users because it requires a high level of maintenance.
Note:This is less secure than permitting the host to validate users. Plan on using the password encryption mechanism. The System Administration Guide provides information on using this encryption mechanism.
-
Specify a common user name with a common password. This method is the least secure, but very easy to maintain. The System Administration Guide provides information on using this.
Note:You can combine these methods, for example, you could restrict administration (All) capabilities to specific users validated by the operating system. In addition, you could provide Monitor level abilities to a general user named, Monitor.