3Com Switch 7750 Configuration Guide Guide

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve 8116fl Redundant Switch Fabric Module

821

822

823

824

825

826

827

828

829

830

822 CHAPTER 78: PASSWORD CONTROL CONFIGURATION OPERATIONS

Configuring Login

Attempts Limitation and

Failure Processing Mode

When the maximum number of attempts is exceeded, the system operates in one

of the following processing mode:

■ locktime: In this mode, the system inhibits the user from re-logging in within a

certain time period. After the period, the user is allowed to log into the switch

again. By default, this time is 120 minutes.

■ lock: In this mode, the system inhibits the user from re-logging in forever. The

user is allowed to log into the switch again only after the administrator

removes the user from the user blacklist.

■ unlock: In this mode, the system allows the user to log in again.

CAUTION: No inhibition operation is performed for the users who execute the

Super command but fail to log in using the password.

If a user in the blacklist changes his/her IP address, the blacklist will not affect the

user anymore when the user logs into the switch.

The system administrator can perform the following operations to manually

remove one or all user entries in the blacklist.

Configuring the Timeout

Time for Users to be

authenticated

When the local/remote server receives the user name, the authentication starts;

when the user authentication is completed, the authentication ends. Whether the

user is authenticated on the local server or on a remote server is determined by the

related AAA configuration.

If a password authentication is not completed before the authentication timeout

expires, the authentication fails, and the system terminates the connection and

makes some logging.

Tabl e 637 Configure the login attempts limitation and the failure processing mode

Operation Command Description

Enter system view system-view -

Enable the login attempts

limitation, configure the

maximum number of

attempts and configure the

processing mode used when

the maximum number of

attempts is exceeded.

password-control

exceed { lock | unlock |

locktime [ time ] } ]

Optional

By default, the maximum

number of user login attempts

is three, and the switch

operates in the locktime

processing mode when the

maximum number of

attempts is exceeded.

Tabl e 638 Manually remove one or all user entries in the blacklist

Operation Command Description

Delete one specific or all user

entries in the blacklist

reset password-control

blacklist [ user-name

user-name ]

Executing this command

without the user-name

user-name option removes all

the user entries in the

blacklist.

Executing this command with

the user-name user-name

option removes the specified

user entry in the blacklist.