HP A7500 Series Configuration Manual page 22

Hide thumbs Also See for A7500 Series:

Command reference manual (222 pages)

Configuration manual (208 pages)

Compliance and safety manual (44 pages)

Table Of Contents

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

160

161

162

163

164

165

166

167

168

169

170

171

172

173

174

175

176

177

178

179

180

181

182

page of 182

/ 182
Contents
Table of Contents
Bookmarks

Table of Contents

To do...

Enter user interface view

Specify the scheme authentication

mode

Return to system view

Configure the authentication mode

for SSH users as password

Configure the

user privilege

level by using

AAA

authentication

parameters

Example of configuring a user privilege level by using AAA authentication parameters

# You are required to authenticate the users that Telnet to the switch through VTY 1, verify their username

and password, and specify the user privilege level as 3.

<Sysname> system-view

[Sysname] user-interface vty 1

[Sysname-ui-vty1] authentication-mode scheme

[Sysname-ui-vty1] quit

[Sysname] local-user test

[Sysname-luser-test] password cipher 12345678

[Sysname-luser-test] service-type telnet

When users Telnet to the switch through VTY 1, they need to input username test and password 12345678.

After passing authentication, the users can only use level 0 commands. If the users want to use

commands of level 0, 1, 2 and 3 commands, the following configuration is required:

[Sysname-luser-test] authorization-attribute level 3

Configure the user privilege level under a user interface

If the user interface authentication mode is scheme, and SSH publickey authentication type (only a

•

username is needed for this authentication type) is adopted, the user privilege level of users logging

into the user interface is the user interface level.

If the user interface authentication mode is none or password, the user privilege level of users

•

logging into the user interface is the user interface level.

Use the command...

user-interface { first-num1

[ last-num1 ] | { aux | vty }

first-num2 [ last-num2 ] }

authentication-mode scheme

quit

For more information, see Security

Configuration Guide.

•

Use the local-user command to

create a local user and enter

local user view.

Using local

•

Use the level keyword in the

authentication

authorization-attribute

command to configure the user

privilege level.

Using remote

authentication

Configure the user privilege level

(RADIUS, or

on the authentication server

HWTACACS

authentication)

Remarks

—

Required

By default, the authentication

mode for VTY users is password,

and no authentication is needed

for AUX login users.

—

Required if users use SSH to log in,

and username and password are

needed at authentication

User either approach

•

For local authentication, if you

do not configure the user

privilege level, the user

privilege level is 0.

•

For remote authentication, if

you do not configure the user

privilege level, the user

privilege level depends on the

default configuration of the

authentication server.

Table of Contents

HP A7500 Series Configuration Manual page 22

Related Manuals for HP A7500 Series

Related Products for HP A7500 Series

Table of Contents