Figure 11 Password authentication interface for Telnet login
Configuring scheme authentication for Telnet login
Follow these guidelines when you configure scheme authentication for Telnet login:
To make the command authorization or command accounting function take effect, apply an
•
HWTACACS scheme to the intended ISP domain. This scheme must specify the IP address of the
authorization server and other authorization parameters.
If the local authentication scheme is used, use the authorization-attribute level level command in
•
local user view to set the user privilege level on the device.
•
If a RADIUS or HWTACACS authentication scheme is used, set the user privilege level on the
RADIUS or HWTACACS server.
If password aging is enabled, make sure passwords for legal users are within the validity period.
•
To configure scheme authentication for Telnet login:
Step
1.
Enter system view.
2.
Enable Telnet.
3.
Enter one or multiple VTY user
interface views.
4.
Enable scheme authentication.
Command
system-view
telnet server enable
user-interface vty first-number
[ last-number ]
authentication-mode scheme
34
Remarks
N/A
By default, the Telnet service is
disabled.
N/A
Whether local, RADIUS, or
HWTACACS authentication is
adopted depends on the
configured AAA scheme.
By default, local authentication is
adopted.