Logging In Through Ssh; Configuring Command Authorization - H3C WA Series Fundamentals Configuration Manual

Wlan access points

Hide thumbs Also See for WA Series:

Layer 2 command reference (133 pages)

Command reference manual (105 pages)

Configuration manual (84 pages)

Table Of Contents

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

page of 137

/ 137
Contents
Table of Contents
Bookmarks

Table of Contents

[Sysname-ui-vty0] history-command max-size 20

# Set the timeout time to 6 minutes.

[Sysname-ui-vty0] idle-timeout 6

Configure the authentication scheme

Configure the authentication server by referring to related parts in AAA in the Security Configuration

Guide.

The IPv6 Telnet command is telnet ipv6 { ipv6-address | hostname } [ -i interface-type

interface-number ] [ port-number ].

Logging In Through SSH

Secure Shell (SSH) offers an approach to logging into a remote device securely. With encryption and

strong authentication, it protects devices against attacks such as IP spoofing and plain text password

interception. For the security features provided by SSH, see SSH2.0 in the Security Configuration

Guide.

At present, only APs that support 802.11n support SSH login.

Configuring Command Authorization

By default, command level for a login user depends on the user level. The user is authorized the

command with the default level not higher than the user level. With the command authorization

configured, the command level for a login user is decided by both the user level and AAA authorization.

If a user executes a command of the corresponding user level, the authorization server checks whether

the command is authorized. If yes, the command can be executed.

The authorization server checks the commands authorized for users through the username, and thus

the command authorization configuration involves four steps:

Step1 Configure the authentication mode as scheme (In other words, use username and password are

required for authentication) when users log in.

Step2 Enable command authorization. For more information, see the following table.

Step3 Configure a RADIUS scheme. Specify the IP addresses of the RADIUS authorization servers and

other related parameters. For more information, see AAA in the Security Configuration Guide.

Step4 Configure the ISP domain to use the RADIUS scheme for command line users. For more information,

See AAA in the Security Configuration Guide.

Follow these steps to enable command authorization:

14-22

Table of Contents

Show Quick Links

Hide quick links:

Table of Contents

This manual is also suitable for:

Wa2200 series Wa2600 series Wa2210-ag Wa2220-ag Wa2210x-g Wa2220x-ag ... Show all

Logging In Through Ssh; Configuring Command Authorization - H3C WA Series Fundamentals Configuration Manual

Logging In Through SSH

Configuring Command Authorization

Hide quick links:

Related Manuals for H3C WA Series

Related Content for H3C WA Series

This manual is also suitable for:

Table of Contents