Manualshelf

Access Security Guide K/KA/KB.15.15

ManualsBrandsHP ManualsNetwork HardwareHP 5406R-8XGT/8SFP+ (No PSU) v2 zl2 Switch
11121314151617181920
1 Configuring Username and Password Security
Console access
Console access includes both the menu interface and the CLI. There are two levels of console
access: Manager and Operator. For security, you can set a password pair (Username and Password)
on each of these levels.
NOTE: Usernames are optional. Passwords are configured in the menu interface. Usernames are
configured in the CLI.
Usernames and passwords for Manager and Operator access can also be configured using SNMP.
See “Using SNMP to view and configure switch authentication features” (page 180).
Beginning with software release K.14.01, usernames and passwords for Manager and Operator
access can also be configured using the Management Interface Wizard. See “Using the
Management Interface wizard” (page 436).
Actions permittedLevel
Access to all console interface areas.
Manager passwords must be set prior to starting the current console session or anyone can
that has access to the console can access any area of the console interface.
This is the default level.
manager
Access to the Status and Counters menu, the Event Log, and the CLI, but no Configuration
capabilities. On the operator level, the configuration menus, Download OS, and Reboot
Switch options in the Main menu are not available.
1
operator
1
Allows use of the ping, link-test, show, menu, exit, and logout commands, plus the enable command if you can provide
the manager password.
Creating password security
To set up password security:
1. In the console interface, setup a manager password pair (and an operator password pair, if
applicable for your system).
2. Exit from the current console session. A manager password pair will now be needed for full
access to the console.
Passwords are case-sensitive.
The next time a console session is started for either the menu interface or the CLI, a prompt will
appear requesting a password. Assuming you have protected both the manager and operator
levels, the level of access to the console interface will be determined by which password is entered
in response to the prompt.
If you configure only a manager password (with no operator password), and in a later session the
manager password is not entered correctly in response to a prompt from the switch, then the switch
does not allow management access for that session. If the switch has a password for both the
manager and operator levels, and neither is entered correctly in response to the switch’s password
prompt, then the switch does not allow management access for that session.
If you configure only an operator password, entering the operator password enables full manager
privileges.
CAUTION: If the switch has neither a manager nor an operator password, anyone having access
to the switch through either Telnet or the serial port of the switch can access the switch with full
manager privileges.
20 Configuring Username and Password Security