Manualshelf

R21xx-HP FlexFabric 11900 Fundamentals Configuration Guide

ManualsBrandsHP ManualsNetwork HardwareHP FlexFabric 11000 Switch Products
21222324252627282930
15
Login overview
The first time you access the device, you can only log in to the CLI through the console port. After login,
you can change console login parameters or configure other access methods, including Telnet, SSH,
modem, and SNMP.
FIPS compliance
The device supports the FIPS mode that complies with NIST FIPS 140-2 requirements. Support for features,
commands, and parameters might differ in FIPS mode and non-FIPS mode. For more information about
FIPS mode, see Security Configuration Guide.
Telnet is not supported in FIPS mode.
Login methods at a glance
Table 6 Login methods at a glance
Lo
g
in method Default settin
g
s
and minimum confi
g
uration re
q
uirements
Logging in to the CLI:
Logging in through the console
port locally
By default, login through the console port is enabled, no username or
password is required, and the user role network-admin is assigned.
After login, configure password or scheme authentication mode to
improve device security:
Configure a password for password authentication, or change the
authentication mode and configure parameters for the new
authentication mode.
Assign a user role (network-admin by default).
Logging in through Telnet (not
supported in FIPS mode)
By default, Telnet login is disabled.
To Log in through Telnet, complete the following configuration tasks:
Enable the Telnet server function.
Assign an IP address to a Layer 3 interface and make sure the
interface and the Telnet client can reach each other.
Configure an authentication mode for VTY login users. By default,
password authentication is used but no password is configured.
Assign a user role to VTY login users (network-operator by default).
Logging in through SSH
By default, SSH login is disabled.
To log in through SSH, complete the following configuration tasks:
Enable the SSH server function and configure SSH attributes.
Assign an IP address to a Layer 3 interface and make sure the
interface and the SSH client can reach each other.
Configure scheme authentication for VTY login users (password
authentication by default).
Assign a user role to VTY login users (network-operator by default).