HP 6600 Security Configuration Manual page 37
Hide thumbs
Also See for 6600:
- Command reference manual (286 pages) ,
- Configuration manual (236 pages) ,
- Installation and getting started manual (103 pages)
Table of Contents
Advertisement
level authorized to the user. If the user interface authentication mode is password (password) or no
authentication (none), which commands a login user can use after login depends on the level
configured for the user interface by using the user privilege level command in user interface view.
For an SSH user using public key authentication, which commands are available depends on the
level configured for the user interface. For more information about user interface authentication
mode and user interface command level, see Fundamentals Configuration Guide.
You can configure the user profile authorization attribute in local user view, user group view, and ISP
•
domain view. The setting in local user view has the highest priority, and that in ISP domain view has
the lowest priority. For more information about user profiles, see "Configuring user profiles."
You cannot delete a local user who is the only security log manager in the system, nor can you
•
change or delete the security log manager role of the user. To do so, you must specify a new security
log manager first.
To configure local user attributes:
Step
1.
Enter system view.
2.
Add a local user and enter
local user view.
3.
Configure a password for
the local user.
4.
Assign service types for the
local user.
5.
Place the local user to the
active or blocked state.
Command
system-view
local-user user-name
password [[ hash ] { cipher |
simple } password ]
service-type { dvpn | ftp |
lan-access | { ssh | telnet |
terminal } * | portal | ppp |
web }
state { active | block }
23
Remarks
N/A
By default, no local user exists.
Optional.
A local user with no password
configured directly passes
authentication after providing the valid
local username and attributes. To
enhance security, configure a
password for each local user.
This command is not supported in FIPS
mode. To configure a local user
password in FIPS mode, use the
password-control command.
By default, no service is authorized to a
local user.
Only the 6602 router supports the web
keyword.
The lan-access keyword is supported
only on SAP interface modules that are
operating in Layer 2 mode.
The ftp and telnet keywords are not
supported in FIPS mode.
Optional.
By default, a created local user is in
active state and can request network
services.
Advertisement
Table of Contents
Troubleshooting
