HP MSR2000/3000/4000 Router Series Security Command Reference
110
ip ipv4-address: Specifies the IPv4 address of a user.
ipv6 ipv6-address: Specifies the IPv6 address of a user.
Usage guidelines
With no arguments provided, this command displays information about all users in the password control
blacklist.
If an FTP or virtual terminal line (VTY) user fails authentication, the system adds the user to a password
control blacklist. You can use this command to view information about these users in the blacklist.
Users accessing the system through the console or AUX port are not blacklisted, because the system is
unable to obtain the IP addresses of these users and these users are privileged and therefore relatively
secure to the system.
Examples
# Display information about users in the password control blacklist.
<Sysname> display password-control blacklist
Blacklist items matched: 2
Username: 1
IP: 13.0.0.1 Login failures: 6 Lock flag: lock
Username: 1
IP: 15.0.0.1 Login failures: 3 Lock flag: lock
Table 12 Command output
Field Descri
p
tion
Blacklist items matched Number of user entries in the blacklist.
IP
IP address of the user.
Login failed times
Number of login failures.
Lock flag
Whether the user is prohibited from logging in:
• unlock—Not prohibited.
• lock—Prohibited temporarily or permanently, depending on the
password-control login-attempt command.
password-control { aging | composition | history | length }
enable
Use password-control { aging | composition | history | length } enable to enable the password
expiration, composition restriction, history, or minimum length restriction function.
Use undo password-control { aging | composition | history | length } enable to disable a password
control function.
Syntax
password-control { aging | composition | history | length } enable
undo password-control { aging | composition | history | length } enable
Default
The password control functions (aging, composition, history, and length) are all enabled.