The system creates a single login user account by default: the vyatta user with the vyatta password . It is highly recommended that, for security reasons, this password be changed.

If no RADIUS or TACACS+ server has been configured, the system authenticates users with the password established by using system login user <user> authentication.

You can change user account information by using lower-level operating system commands, but changes made in this way do not persist across reboots. For persistent changes to user account information, use the Vyatta CLI.

Note that in the vRouter the Linux passwd command can be used only by administrative users.

The login configuration node is a mandatory node. It is created automatically with default information when the system is first started. If this node is subsequently deleted, the system recreates it with default information when restarted.

A login password is supplied in plain text. After configuration is committed, the system encrypts the password and stores the encrypted version internally. When you display user configuration, only the encrypted version of the password is displayed.

Note that the login authentication prompt has a total timeout interval of 60 seconds. The sum of all timeout intervals must fall within that limit; otherwise—that is, if cumulative RADIUS and TACACS+ server timeout intervals exceed 60 seconds—the login process times out and must be repeated.