4.2. General System settings

The system top-level object can specify attributes that control general, global system settings. The available attributes are described in the following sections, and can be configured in the User Interface by choosing the "Setup" category, then clicking the "Edit" link under the heading "System settings".

The software auto upgrade process is controlled by system objects attributes - these are described in Section 4.3.3.2.

4.2.1. System name (hostname)

The system name, also called the hostname, is used in various aspects of the FB2500's functions, and so we recommend you set the hostname to something appropriate for your network.

The hostname is set using the name attribute.

4.2.2. Administrative details

The attributes shown in Table 4.3 allow you to specify general administrative details about the unit :-

Table 4.3. General administrative details attributes

AttributePurpose
commentGeneral comment field
contactContact name
introText that appears on the 'home' page - the home page is the first page you see after logging in to the FB2500. This text is also displayed immediately after you login to a command-line session.
locationPhysical location description

4.2.3. System-level event logging control

The log and log-... attributes control logging of events related to the operation of the system itself. For details on event logging, please refer to Chapter 5, and for details on the logging control attributes on system object, please refer to Section 5.7.

4.2.4. Home page web links

The home page is the first page you see after logging in to the FB2500, or when you click the Home main-menu item. The home page displays the system name, and, if defined, the text specified by the intro attribute on the system object.

Additionally, you can define one or more web links to appear on the home page. These are defined using link objects, which are child objects of the system object.

To make a usable link, you must specify the following two attributes on the link object :-

  • text : the text displayed as a hyperlink
  • url : link destination URL

Additionally, you can name a link, specify a comment, and make the presence of the link on the home page conditional on a profile.

4.2.5. Password hashing

The user settings on the firebrick have password control (as well as optional OATH one time pad restrictions). In the config this is entered as a simple password, but when accessed you will see that the password has been replaced with a hash.

The FireBrick supports a number of hash functions for passwords, but on any successful login may change the in-memoty config to use the current preferred password hash function. This is done if a very old hash is being used. This is not automatically saved, but any view/edit of the config will see the new hash and on save will record the new hash. This allows FireBrick to more to more secure password hash functions in future whilst maintaining backward compatibility.

If making a config file independantly you can generate the hashes yourself in most cases. The supported hash codings ar as follows. For salted hashes, the salt is the additional bytes after the number of bytes for the hash.

  • FB105#[10 bytes of hex]: A legacy for the old FB105 password hashing, used by the FB105 conversion tool.
  • MD5#[16 to 19 bytes of hex]: The first 16 bytes are an MD5 hash of the password appended with up to 3 bytes of salt.
  • SHA1#[20 to 31 bytes of hex]: The first 20 bytes are an SHA1 hash of the password appended with up to 11 bytes of salt.
  • SHA256#[32 to 47 bytes of hex]: The first 32 bytes are an SHA256 hash of the password appended with up to 15 bytes of salt.

The preferred has is SHA256 with 15 bytes of salt.