Manualshelf

R3303-HP HSR6800 Routers Fundamentals Configuration Guide

ManualsBrandsHP ManualsNetwork HardwareHP HSR6804 Router Chassis
21222324252627282930
14
Ste
p
Command
Remarks
3. Specify the scheme
authentication mode.
authentication-mode scheme
By default, the authentication
mode for VTY and AUX users is
password, and no authentication is
needed for console login users.
4. Return to system view.
quit N/A
5. Configure the
authentication mode for
SSH users as password.
For more information, see Security
Configuration Guide.
This task is required only for SSH
users who are required to provide
their usernames and passwords for
authentication.
6. Configure the user
privilege level through the
AAA module.
To use local authentication:
a. Use the local-user command
to create a local user and
enter local user view.
b. Use the level keyword in the
authorization-attribute
command to configure the
user privilege level.
To use remote authentication
(RADIUS, HWTACACS, or LDAP):
Configure the user privilege level
on the authentication server.
User either method.
For local authentication, if you do
not configure the user privilege
level, the user privilege level is 0.
For remote authentication, if you
do not configure the user privilege
level, the user privilege level
depends on the default
configuration of the authentication
server.
For more information about the
local-user and
authorization-attribute commands,
see Security Command Reference.
For example:
# Configure the device to use local authentication for Telnet users on VTY 1.
<Sysname> system-view
[Sysname] user-interface vty 1
[Sysname-ui-vty1] authentication-mode scheme
[Sysname-ui-vty1] quit
[Sysname] local-user test
[Sysname-luser-test] password simple 123
[Sysname-luser-test] service-type telnet
When users Telnet to the device through VTY 1, they must enter username test and password 123. After
passing the authentication, the users can only use level-0 commands.
# Assign commands of levels 0 through 3 to the users.
[Sysname-luser-test] authorization-attribute level 3
Configuring the user privilege level directly on a user interface
To configure the user privilege level directly on a user interface that uses the scheme authentication mode:
Ste
p
Command
Remarks
1. Configure the authentication
type for SSH users as
publickey.
For more information, see Security
Configuration Guide.
Required only for SSH users who
use public-key authentication.
2. Enter system view.
system-view N/A