140 The Command Line InterfaceAccessing the NVG ClusterTo enable better NVG management and user accountability, fivecategories of users can access the NVG cluster:• Operator is only granted read access to the menus and informationappropriate to this user access level. The Operator cannot make anychanges to the configuration.• Administrator can make any changes to the NVG configuration. Thus,the Administrator has read and write access to all menus, informationand configuration commands in the NVG software.• A Certificate Administrator is a member of the certadmin group, andhas sufficient user rights to manage certificates and private keys. Bydefault, only the Administrator user is a member of the certadmingroup. To separate the Certificate Administrator user role from theAdministrator user role, the Administrator user can add a new useraccount to the system, assign the new user to the certadmin group,and then remove himself or herself from the certadmin group. Formore information, see “Adding a New User” (page 81).• Boot user can only perform a reinstallation. For security reasons, itis only possible to log in as the Boot user through the console portusing terminal emulation software. The Boot user password cannot bechanged from the default ForgetMe.• Root user is granted full access to the underlying Linux operatingsystem. For security reasons, it is only possible to log in as the Rootuser through the console port using terminal emulation software. Rootuser access should mainly be reserved for advanced troubleshootingpurposes, under guidance from Nortel customer support.For more information, see “How to Get Help” (page 14).Access to the NVG command line interface and settings is controlledthrough the use of four predefined user accounts and passwords. Onceyou are connected to the VPN Gateway through a console connectionor remote connection (Telnet or SSH), you are prompted to enter a userNortel VPN GatewayUser GuideNN46120-104 02.01 Standard14 April 2008Copyright © 2007-2008 Nortel Networks.