Brocade Communications Systems Brocade ICX 6650 6650 Manuel D’Utilisation
Brocade ICX 6650 Security Configuration Guide
17
53-1002601-01
Local user accounts
For example, to specify that the Line, Enable, and Local passwords be at least 8 characters, enter
the following command.
the following command.
Brocade(config)# enable password-min-length 8
Syntax: enable password-min-length number-of-characters
The number-of-characters can be from 1–48.
Local user accounts
You can define up to 16 local user accounts on a Brocade device. User accounts regulate who can
access the management functions in the CLI using the following methods:
access the management functions in the CLI using the following methods:
•
Telnet access
•
SNMP access
Local user accounts provide greater flexibility for controlling management access to Brocade
devices than do management privilege level passwords and SNMP community strings of SNMP
versions 1 and 2. You can continue to use the privilege level passwords and the SNMP community
strings as additional means of access authentication. Alternatively, you can choose not to use local
user accounts and instead continue to use only the privilege level passwords and SNMP
community strings. Local user accounts are backward-compatible with configuration files that
contain privilege level passwords. Refer to
devices than do management privilege level passwords and SNMP community strings of SNMP
versions 1 and 2. You can continue to use the privilege level passwords and the SNMP community
strings as additional means of access authentication. Alternatively, you can choose not to use local
user accounts and instead continue to use only the privilege level passwords and SNMP
community strings. Local user accounts are backward-compatible with configuration files that
contain privilege level passwords. Refer to
If you configure local user accounts, you also need to configure an authentication-method list for
Telnet access and SNMP access. Refer to
Telnet access and SNMP access. Refer to
For each local user account, you specify a user name. You also can specify the following
parameters:
parameters:
•
A password
•
A management privilege level, which can be one of the following:
-
Super User level (default) – Allows complete read-and-write access to the system. This is
generally for system administrators and is the only privilege level that allows you to
configure passwords.
generally for system administrators and is the only privilege level that allows you to
configure passwords.
-
Port Configuration level – Allows read-and-write access for specific ports but not for global
parameters.
parameters.
-
Read Only level – Allows access to the Privileged EXEC mode and User EXEC mode with
read access only.
read access only.
•
Enhancements to username and password
This section describes the enhancements to the username and password features introduced in
earlier releases.
earlier releases.
The following rules are enabled by default:
•
Users are required to accept the message of the day.