R21xx-HP FlexFabric 11900 Security Configuration Guide
63
Ste
p
Command
Remarks
2. Create a device management
user and enter local user view.
local-user user-name class manage
By default, no local user exists.
Local user password control
applies to device management
users instead of network access
users.
For information about how to
configure a local user, see
"Configuring AAA."
3. Configure the password
expiration time for the local
user.
password-control aging aging-time
By default, the setting equals that
for the user group to which the
local user belongs. If no expiration
time is configured for the user
group, the global setting applies to
the local user.
4. Configure the minimum
password length for the local
user.
password-control length length
By default, the setting equals that
for the user group to which the
local user belongs. If no minimum
password length is configured for
the user group, the global setting
applies to the local user.
5. Configure the password
composition policy for the
local user.
password-control composition
type-number type-number
[ type-length type-length ]
By default, the settings equal those
for the user group to which the
local user belongs. If no password
composition policy is configured
for the user group, the global
settings apply to the local user.
Setting super password control parameters
Ste
p
Command
Remarks
1. Enter system view.
system-view N/A
2. Set the password expiration
time for super passwords.
password-control super aging
aging-time
The default setting is 90 days.
3. Configure the minimum length
for super passwords.
password-control super length
length
• In non-FIPS mode, the default
length is 10 characters.
• In FIPS mode, the default length
is 15 characters.
4. Configure the password
composition policy for super
passwords.
password-control super
composition type-number
type-number [ type-length
type-length ]
• In non-FIPS mode, by default, a
super password is valid if it has
one valid character and does
not have any invalid
characters.
• In FIPS mode, by default, a
super password is valid if it has
four types of characters and
does not have any invalid
characters.