# File lib/simp/cli/config/items/action/warn_lockout_risk_action.rb, line 12
    def initialize
      super
      @key             = 'login::lockout::check'
      @description     = 'Check for login lockout risk'
      @warning_file    = Simp::Cli::BOOTSTRAP_START_LOCK_FILE
      @warning_message_brief = 'Locking bootstrap due to potential login lockout.'
      @warning_message = "\n\#{'#'*72}\nPer security policy, SIMP, by default, disables login via ssh for all\nusers, including 'root', and beginning with SIMP 6.0.0 disables, root\nlogins at the console.  So, to prevent lockout in systems for which\nno administrative user account has yet been created or both console\naccess is not available and the administrative user's ssh access has\nnot yet been enabled, you should configure a local user for this server\nto have both su and ssh privileges.  This entails the following:\n\n1. Create a local user account, as needed, using useradd.\n\n2. Create a Puppet manifest to enable su and allow ssh access.  For\n   example,\n\n   class userx_user (\n   Boolean $pam = simplib::lookup('simp_options::pam', { 'default_value' => false }),\n   ) {\n     if $pam {\n       include '::pam'\n\n       pam::access::rule { 'allow_userx':\n         users   => ['userx'],\n         origins => ['ALL'],\n         comment => 'The local user, used to remotely login to the system in the case of a lockout.'\n       }\n     }\n\n     sudo::user_specification { 'default_userx':\n       user_list => ['userx'],\n       runas     => 'root',\n       cmnd      => ['/bin/su root', '/bin/su - root']\n     }\n   }\n\n3. Add the class created in Step 2 to the class list for the SIMP\n   server in its host YAML file.\n\n      ...\n      classes:\n        - userx_user\n      ...\n\n4. If the local user is configured to login with pre-shared keys\n   instead of a password, copy the authorized_keys file for that\n   user to /etc/ssh/local_keys/<username>.  For example,\n\n   cp ~userx/.ssh/authorized_keys /etc/ssh/local_keys/userx\n\nOnce you have configured a user with both su and ssh privileges and\naddressed any other issues identified in this file, you can remove\nthis file and continue with 'simp bootstrap'.\n"
   end