For the description of user interface, refer to Login Configuration in the System Volume; for the
description of the user-interface, authentication-mode and user privilege level commands,
refer to User Interface Commands in the System Volume.
For the introduction to AAA authentication, refer to AAA Configuration in the Security Volume; for
the description of the local-user and authorization-attribute commands, refer to AAA Commands
in the Security Volume.
For the introduction to SSH, refer to SSH 2.0 Configuration in the Security Volume.
Example of configuring user privilege level by using AAA authentication parameters
# Authenticate the users telnetting to the device through VTY 1, verify their usernames and passwords
locally, and specify the user privilege level as 3.
[Sysname] user-interface vty 1
[Sysname-ui-vty1] authentication-mode scheme
[Sysname] local-user test
[Sysname-luser-test] password cipher 123
[Sysname-luser-test] service-type telnet
After the above configuration, when users telnet to the device through VTY 1, they need to input
username test and password 123. After passing the authentication, users can only use the commands
of level 0. If the users need to use commands of levels 0, 1, 2 and 3, the following configuration is
[Sysname-luser-test] authorization-attribute level 3
Configure the user privilege level under a user interface
If the user interface authentication mode is scheme when a user logs in, and SSH publickey
authentication type (only username is needed for this authentication type) is adopted, then the user
privilege level is the user interface level; if a user logs in using the none or password mode (namely, no
username is needed), the user privilege level is the user interface level.
Follow these steps to configure the user privilege level under a user interface (SSH publickey
Use the command...
Configure user level on the
For remote authentication, if
you do not configure the
user level, the user level
depends on the default