Configuring Authentication And Authorization On The Ftp Server - H3C S5120-EI Series Operation Manual
Ethernet switches
Hide thumbs
Also See for S5120-EI Series:
- Operation manual (1166 pages) ,
- Command reference manual (242 pages) ,
- Configuration manual (206 pages)
Table of Contents
Advertisement
To do...
Manually release the FTP
connection established with the
specified username
Configuring Authentication and Authorization on the FTP Server
To allow an FTP user to access certain directories on the FTP server, you need to create an account for
the user, authorizing access to the directories and associating the username and password with the
account.
The following configuration is used when the FTP server authenticates and authorizes a local FTP user.
If the FTP server needs to authenticate a remote FTP user, you need to configure authentication,
authorization and accounting (AAA) policy instead of the local user. For detailed configuration, refer to
AAA Configuration in the Security Volume.
Follow these steps to configure authentication and authorization for FTP server:
To do...
Enter system view
Create a local user
and enter its view
Assign a password to
the user
Assign the FTP
service to the user
Configure user
properties
For
more
authorization-attribute commands, refer to AAA Command in the Security Volume.
When the device serves as the FTP server, if the client is to perform the write operations (upload,
delete, create, and delete for example) on the device's file system, the FTP login users must be
level 3 users; if the client is to perform other operations, for example, read operation, the device
has no restriction on the user level of the FTP login users, that is, any level from 0 to 3 is allowed.
Use the command...
free ftp user username
Use the command...
system-view
local-user user-name
password { simple | cipher }
password
service-type ftp
authorization-attribute { acl
acl-number | callback-number
callback-number | idle-cut minute
| level level | user-profile
profile-name | vlan vlan-id |
work-directory directory-name }
*
information
about
the
—
Required
No local user exists by default, and the
system does not support FTP
anonymous user access.
Required
Required
By default, the system does not
support anonymous FTP access, and
does not assign any service. If the FTP
service is assigned, the root directory
of the device is used by default.
Optional
By default, the FTP/SFTP users can
access the root directory of the device,
and the user level is 0. You can change
the default configuration by using this
command.
local-user,
password,
2-10
Remarks
Optional
Available in user view
Remarks
service-type
and
ftp,
Advertisement
Chapters
Table of Contents
Troubleshooting
