H3C S3100 Series Operation Manual page 448

The configuration procedure for local authentication of FTP users is similar to that for Telnet users. The
following text only takes Telnet users as example to describe the configuration procedure for local
authentication.
Network requirements
In the network environment shown in
Telnet users logging into the switch are authenticated locally.
Network diagram
Figure 2-4 Local authentication of Telnet users
Configuration procedure
Method 1: Using local authentication scheme.
# Enter system view.
<Sysname> system-view
# Adopt AAA authentication for Telnet users.
[Sysname] user-interface vty 0 4
[Sysname-ui-vty0-4] authentication-mode scheme
[Sysname-ui-vty0-4] quit
# Create and configure a local user named "telnet".
[Sysname] local-user telnet
[Sysname-luser-telnet] service-type telnet
[Sysname-luser-telnet] password simple aabbcc
[Sysname-luser-telnet] quit
# Configure an authentication scheme for the default "system" domain.
[Sysname] domain system
[Sysname-isp-system] scheme local
A Telnet user logging into the switch with the name telnet@system belongs to the "system" domain and
will be authenticated according to the configuration of the "system" domain.
Method 2: using local RADIUS server
This method is similar to the remote authentication method described in section
Authentication of Telnet/SSH
Figure 2-4, you are required to configure the switch so that the
Users. However, you need to
2-34
Remote RADIUS