R0106-HP MSR Router Series Fundamentals Configuration Guide(V7)
74
Ste
p
Command
Remarks
2. Enter user line view or
user line class view.
• Enter user line view:
line { first-number1
[ last-number1 ] | { aux |
console | tty | vty }
first-number2 [ last-number2 ] }
• Enter user line class view:
line class { aux | console | tty
| vty }
A setting in user line view is applied only to
the user line. A setting in user line class
view is applied to all user lines of the class.
A non-default setting in either view takes
precedence over a default setting in the
other view. A non-default setting in user
line view takes precedence over a
non-default setting in user line class view.
A setting in user line view takes effect
immediately and affects the online user. A
setting in user line class view takes effect
only for users who log in after the
configuration is completed. It does not
affect online users.
3. Enable scheme
authentication.
authentication-mode scheme
By default, authentication is disabled for
the console line and password
authentication is enabled for the AUX line.
By default, authentication is disabled for
the AUX line.
In VTY line view, this command is
associated with the protocol inbound
command. If you specify a non-default
value for only one of the two commands in
VTY line view, the other command uses the
default setting, regardless of the setting in
VTY line class view.
4. Enable command
authorization.
command authorization
By default, command authorization is
disabled, and the commands available for
a user only depend on the user role.
If the command authorization command is
configured in user line class view,
command authorization is enabled on all
user lines in the class. You cannot
configure the undo command
authorization command in the view of a
user line in the class.
Configuration example
Network requirements
As shown in Figure 38, Host A needs to log in to the device to manage the device.
Configure the device to do the following:
• Allows Host A to Telnet in after authentication.
• Uses the HWTACACS server to control the commands that the user can execute.
• If the HWTACACS server is not available, uses local authorization.