Switching User Privilege Level - H3C SR6600 Fundamentals Configuration Manual

Hide thumbs Also See for SR6600:

Command reference manual (265 pages)

Configuration manual (145 pages)

Manual (80 pages)

Table Of Contents

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

160

161

162

163

164

165

166

167

168

169

170

171

172

173

174

175

176

177

178

179

180

181

182

183

184

page of 184

/ 184
Contents
Table of Contents
Bookmarks

Table of Contents

[Sysname-ui-vty0-4] authentication-mode none

[Sysname-ui-vty0-4] user privilege level 1

# Authenticate users logged in to the switch through Telnet, verify their password, and specify their user

privilege level as 2.

<Sysname> system-view

[Sysname] user-interface vty 0 4

[Sysname-ui-vty1] authentication-mode password

[Sysname-ui-vty0-4] set authentication password cipher 12345678

[Sysname-ui-vty0-4] user privilege level 2

By default, users logged in through telnet use the commands of level 0 after passing the authentication.

After the above configuration, when users log in to the switch through Telnet, they need to input

password 12345678, and then they can use commands of levels 0, 1, and 2.

For more information about user interfaces, see Logging In to the Device in the Fundamentals

Configuration Guide. For more information about the user-interface, authentication-mode, and

user privilege level commands, see Logging In to the Device in the Fundamentals Command

Reference.

For more information about AAA authentication, see AAA in the Security Configuration Guide. For

more information about the local-user and authorization-attribute commands, see AAA in the

Security Command Reference.

For more information about SSH, see SSH 2.0 in the Security Configuration Guide.

Switching User Privilege Level

Introduction

Users can switch to a user privilege level temporarily without logging out and terminating the current

connection. After the switch, users can continue to configure the switch without the need of relogin, but

the commands that they can execute have changed. For example, if the current user privilege level is 3,

the user can configure system parameters. After switching to the user privilege level 0, the user can only

execute some simple commands, like ping and tracert, and only a few display commands. The

switching operation is effective for the current login. After the user relogs in, the user privilege restores

to the original level.

To avoid misoperations, the administrators are recommended to log in to the switch by using a

lower privilege level and view switch operating parameters, and when they have to maintain the

switch, they can switch to a higher level temporarily

When the administrators need to leave for a while or ask someone else to manage the switch

temporarily, they can switch to a lower privilege level before they leave to restrict the operation by

others.

Setting the authentication mode for user privilege level switch

A user can switch to a privilege level equal to or lower than the current one unconditionally and is

not required to input the password (if any).

1-18

Table of Contents

Switching User Privilege Level - H3C SR6600 Fundamentals Configuration Manual

Switching User Privilege Level

Related Manuals for H3C SR6600

Related Content for H3C SR6600

Table of Contents