Step
3.
Configure a password for the
local user.
4.
Specify the service types for
the local user.
5.
Place the local user to the
state of active or blocked.
6.
Set the maximum number of
concurrent users of the local
user account.
7.
Configure the password
control attributes for the local
user.
8.
Configure the binding
attributes for the local user.
Command
password [ { cipher | simple }
password ]
service-type { ftp | lan-access |
{ ssh | telnet | terminal } * | web }
state { active | block }
access-limit max-user-number
•
Set the password aging time:
password-control aging
aging-time
•
Set the minimum password
length:
password-control length length
•
Configure the password
composition policy:
password-control composition
type-number type-number
[ type-length type-length ]
bind-attribute { ip ip-address |
location port slot-number
subslot-number port-number | mac
mac-address | vlan vlan-id } *
17
Remarks
Optional.
A local user with no password
configured directly passes
authentication after providing the
valid local username and
attributes. To enhance security,
configure a password for each
local user.
If none of the parameters is
specified, you enter the interactive
mode to set a plaintext password.
This interactive mode is supported
only on switches that support the
password control feature.
By default, no service is authorized
to a local user.
Optional.
When created, a local user is in
active state by default, and the user
can request network services.
Optional.
By default, there is no limit to the
maximum number of concurrent
users of a local user account.
The limit is effective only for local
accounting, and is not effective for
FTP users.
Optional.
By default, the password control
attributes of the user group to
which the local user belongs
apply, and any password control
attribute that is not configured in
the user group uses the global
setting. The global settings include
a 90-day password aging time, a
minimum password length of 10
characters, and at least one
password composition type and at
least one character required for
each password composition type.
Optional.
By default, no binding attribute is
configured for a local user.