HP A-F1000-E Getting Started Manual page 37

To do...
Enter one or more VTY user
interface views
Specify the scheme authentication
mode
Enable the current user interface to
support either Telnet, SSH, or both
of them
Enable command authorization
Enable command accounting
Exit to system view
Enter the default
ISP domain
view
Configure the
Apply the
authentication specified AAA
mode
scheme to the
domain
Exit to system
view
Create a local user and enter local
user view
Set the local password
Use the command...
user-interface vty
first-number
[ last-number ]
authentication-mode
scheme
protocol inbound { all |
ssh }
command authorization
command accounting
quit
domain domain-name
authentication default
{ hwtacacs-scheme
hwtacacs-scheme-name
[ local ] | local | none |
radius-scheme
radius-scheme-name
[ local ] }
quit
local-user user-name
password { cipher |
simple } password
31
Remarks
—
Required
By default, authentication mode for VTY user
interfaces is scheme.
Optional
By default, both protocols are supported.
Optional
•
By default, command authorization is not
enabled.
Optional
•
By default, command accounting is
disabled. The accounting server does not
record the commands executed by users.
•
Command accounting allows the
HWTACACS server to record all executed
commands that are supported by the
device, regardless of the command
execution result. This helps control and
monitor user operations on the device. If
command accounting is enabled and
command authorization is not enabled,
every executed command is recorded on
the HWTACACS server. If both command
accounting and command authorization
are enabled, only the authorized and
executed commands are recorded on the
HWTACACS server.
—
Optional
By default, the AAA scheme is local.
Required
By default, no local user exists.
Required
By default, no local password is set.