3com S7906E 安装指导
3-8
Telnet Login Configuration with Authentication Mode Being Scheme
Configuration Procedure
Follow these steps to perform Telnet configuration (with authentication mode being scheme):
To do…
Use the command…
Remarks
Enter system view
system-view
—
Enter one or more VTY user
interface views
interface views
user-interface vty
first-number [ last-number ]
first-number [ last-number ]
—
Configure to authenticate
users locally or remotely
users locally or remotely
authentication-mode
scheme
scheme
Required
The specified AAA scheme
determines whether to authenticate
users locally or remotely.
determines whether to authenticate
users locally or remotely.
Users are authenticated locally by
default.
default.
Enter the
default ISP
domain view
default ISP
domain view
domain domain name
Configure
the AAA
scheme to
be applied to
the domain
the AAA
scheme to
be applied to
the domain
authentication default
{ hwtacacs-scheme
hwtacacs-scheme- name
[ local ] | local | none |
radius-scheme
radius-scheme-name
[ local ] }
{ hwtacacs-scheme
hwtacacs-scheme- name
[ local ] | local | none |
radius-scheme
radius-scheme-name
[ local ] }
Configure
the
authenticati
on scheme
the
authenticati
on scheme
Quit to
system view
system view
quit
Optional
By default, the local AAA scheme is
applied. If you specify to apply the
local AAA scheme, you need to
perform the configuration concerning
local user as well.
applied. If you specify to apply the
local AAA scheme, you need to
perform the configuration concerning
local user as well.
If you specify to apply an existing
scheme by providing the
radius-scheme-name argument, you
need to perform the following
configuration as well:
scheme by providing the
radius-scheme-name argument, you
need to perform the following
configuration as well:
z
Perform AAA-RADIUS
configuration on the switch. (Refer
to AAA Configuration in the
Security Volume for details.)
configuration on the switch. (Refer
to AAA Configuration in the
Security Volume for details.)
z
Configure the user name and
password accordingly on the AAA
server. (Refer to the user manual
of AAA server.)
password accordingly on the AAA
server. (Refer to the user manual
of AAA server.)
Create a local user and
enter local user view
enter local user view
local-user user-name
No local user exists by default.
Set the authentication
password for the local user
password for the local user
password { simple |
cipher } password
cipher } password
Required
By default, a user is authorized with
no password
no password
Specifies the level of the
local user
local user
authorization-attribute
level level
level level
By default, no authorization attribute is
configured for a local user
configured for a local user
Specify the service type for
AUX users
AUX users
service-type telnet
Required
By default, a user is authorized with
no service
no service
Note that, when you log in to an Ethernet switch using the scheme authentication mode, your access
rights depend on your user level defined in the AAA scheme.
When the local authentication mode is used, the user levels are specified using the
authorization-attribute level level command.