Lab 2.2 - zacharylongo/Tech-Journals GitHub Wiki

Updating VyOS Password

To change the password in VyOS, log in to the system using the current username and password. Then enter configuration mode and set the new password in the CLI:

configure
set system login user USERNAME authentication plaintext-password PASSWORD

Replace "USERNAME" with the appropriate username and "PASSWORD" with the desired password. After entering the command, commit the changes and save them to the startup configuration with the following commands:

commit
save

SSH Key-based Authentication

To set up SSH key-based authentication from mgmt01 to at least web01 or log01, follow these steps:

  1. Generate a new SSH key pair on mgmt01 using the following command:

       ssh-keygen -t rsa

  2. Copy the public key to web01 or log01 by running the following command on mgmt01:

       ssh-copy-id USERNAME@web01

     Replace "USERNAME" with the appropriate username on web01 or log01.
  3. Test the key-based authentication by running the following command on mgmt01:

       ssh USERNAME@web01

Logging Authpriv Messages on Linux Systems

In Linux systems, the "authpriv" facility is used to log messages related to authentication and security-related events. To log these messages, edit the Rsyslog configuration file (usually located at /etc/rsyslog.conf) and add the following line:

authpriv.*     /var/log/secure

This will log all messages with the "authpriv" facility to the "/var/log/secure" file. Restart the Rsyslog service for the changes to take effect.
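To confirm from the authpriv log that logins are using the SSH key set up earlier, and to spot repeated failures, the following added example (not part of the original lab notes) summarizes sshd lines as they appear in /var/log/secure. It assumes the default traditional syslog file format; the function names, the failure threshold and the sample lines are constructed for illustration.

```python
import re
from collections import Counter

# Traditional syslog line in /var/log/secure: "Mon DD HH:MM:SS host sshd[pid]: message"
LINE = re.compile(r"^\w{3}\s+\d+ [\d:]{8} (?P<host>\S+) sshd\[\d+\]: (?P<msg>.*)$")
ACCEPTED = re.compile(r"^Accepted (?P<method>\S+) for (?P<user>\S+) from (?P<src>\S+) port \d+")
FAILED = re.compile(r"^Failed (?P<method>\S+) for (?:invalid user )?(?P<user>\S+) from (?P<src>\S+) port \d+")

def summarize(lines, fail_threshold=3):
    """Return (accepted, failed, noisy_sources) from sshd authpriv lines."""
    accepted = Counter()   # (host, user, method) -> successful logins
    failed = Counter()     # (host, source address) -> failed attempts
    for line in lines:
        m = LINE.match(line.strip())
        if not m:
            continue       # not an sshd message, or not the assumed format
        host, msg = m["host"], m["msg"]
        if (a := ACCEPTED.match(msg)):
            accepted[(host, a["user"], a["method"])] += 1
        elif (f := FAILED.match(msg)):
            failed[(host, f["src"])] += 1
    noisy = sorted(k for k, n in failed.items() if n >= fail_threshold)
    return accepted, failed, noisy

def password_logins(accepted):
    """Accounts that logged in with a password rather than a key."""
    return sorted({(h, u) for (h, u, method) in accepted if method == "password"})

# Constructed sample lines: lab hostnames, addresses from documentation ranges.
SAMPLE = """\
Feb  3 10:15:01 web01 sshd[1201]: Accepted publickey for alice from 192.0.2.10 port 51234 ssh2: RSA SHA256:CONSTRUCTED
Feb  3 10:16:40 web01 sshd[1215]: Failed password for invalid user admin from 198.51.100.7 port 40112 ssh2
Feb  3 10:16:43 web01 sshd[1215]: Failed password for invalid user admin from 198.51.100.7 port 40112 ssh2
Feb  3 10:16:47 web01 sshd[1219]: Failed password for root from 198.51.100.7 port 40120 ssh2
Feb  3 10:20:05 log01 sshd[877]: Accepted password for bob from 192.0.2.10 port 51300 ssh2
Feb  3 10:21:00 web01 sudo:    alice : TTY=pts/0 ; PWD=/home/alice ; USER=root ; COMMAND=/bin/systemctl restart rsyslog
""".splitlines()

if __name__ == "__main__":
    accepted, failed, noisy = summarize(SAMPLE)
    print("accepted logins:", dict(accepted))
    print("sources at or over the failure threshold:", noisy)
    print("still using passwords:", password_logins(accepted))
```
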

Rsyslog Configuration

Drop-In File Configuration on the Server

Rsyslog allows for flexible configuration through the use of drop-in files. To create a drop-in file, create a new file in the "/etc/rsyslog.d" directory with the ".conf" extension. In the new file, add the desired configuration changes, such as forwarding events to a remote syslog server or filtering events based on severity level. Rsyslog reads the drop-in file together with the main configuration file, so the main configuration file itself does not need to be modified.

Web01 Client Configuration

To configure the web01 client to forward authentication events to a remote syslog server, add the following lines to a drop-in file in "/etc/rsyslog.d" on the web01 client:

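# Named template; the action below does not reference it and uses the default forwarding format
$template RemoteLogs,"%fromhost% %syslogtag%%msg%"
# A single @ forwards over UDP (@@ would forward over TCP)
authpriv.* @REMOTE_SYSLOG_SERVER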