info_i_25x25.png See important information about Ubiquiti Devices and KRACK Vulnerability in this article. We will update this document as more information becomes available.

EdgeRouter - Create and delete user accounts on EdgeOS

Overview


Users will learn how to remove default user accounts in EdgeOS using the GUI or CLI. Authentication* can also be set up and managed via a RADIUS server.

Using GUI


To remove the default user account, do the following:

  1. Create a new user.
  2. Log out of the default user account.
  3. Log in with the new user account.
  4. Delete the default user account.

Using CLI


Use the setcommitsaveexit, and delete commands.

Create New User Account

ubnt@ubnt:~$ configure
[edit]
ubnt@ubnt# set system login user admin1 authentication plaintext-password admin1pass
[edit]
ubnt@ubnt# commit
[edit]
ubnt@ubnt# save
Saving configuration to '/config/config.boot'...
Done
[edit]
ubnt@ubnt# exit
exit
ubnt@ubnt:~$ exit
logout

Delete Default User Account

Welcome to EdgeOS ubnt ttyS0
ubnt login: admin1
Password:
Linux ubnt 2.6.32.13-UBNT #1 SMP Fri Jun 8 09:48:31 PDT 2012 mips64
Welcome to EdgeOS
admin1@ubnt:~$ configure
[edit]
admin1@ubnt# delete system login user ubnt
[edit]
admin1@ubnt# commit
[edit]
admin1@ubnt# save
Saving configuration to '/config/config.boot'...
Done
[edit]
admin1@ubnt# exit
exit
admin1@ubnt:~$

The plaintext password that you entered is converted to an encrypted password.

admin1@ubnt:~$ configure
[edit]
admin1@ubnt# show system login
 user admin1 {
 authentication {
 encrypted-password $1$mv8ERQ1T$7xq/eUDwy/5And7nV.9r6.
 plaintext-password ""
 }
}
[edit]
admin1@ubnt# exit
exit
admin1@ubnt:~$

RADIUS

EdgeOS supports login authentication using an external RADIUS server. To configure a RADIUS login, use the following commands:

configure
set system login radius-server <ip address> secret <radius key>
commit
save
exit

Note


*A local user account must also exist on the system even when RADIUS authentication is used.