H3C Technologies H3C S12500 Series Switches User Manual
Page 42
30
Step Command
Remarks
3.
Enable SSH server.
ssh server enable
By default, SSH server is disabled.
4.
Exit to system view.
quit
N/A
5.
Enter one or more VTY user
interface views.
user-interface vty first-number
[ last-number ]
N/A
6.
Specify the scheme
authentication mode.
authentication-mode scheme
By default, authentication mode for
VTY user interfaces is password.
7.
Enable the current user
interface to support either
Telnet, SSH, or both of them.
protocol inbound { all | ssh }
Optional.
By default, both protocols are
supported.
8.
Exit to system view.
quit
N/A
9.
Configure the authentication
mode.
a.
Enter the default ISP
domain view:
domain domain-name
b.
Apply the specified AAA
scheme to the domain:
authentication default
{ hwtacacs-scheme
hwtacacs-scheme-name
[ local ] | local | none |
radius-scheme
radius-scheme-name
[ local ] }
c.
Exit to system view:
quit
Optional.
By default, the AAA scheme is
local.
If you specify the local AAA
scheme, perform the configuration
concerning local user as well. If
you specify an existing scheme by
providing the radius-scheme-name
argument, perform the following
configuration as well:
•
For RADIUS and HWTACACS
configuration, see Security
Configuration Guide.
•
Configure the username and
password on the AAA server.
For more information, see
Security Configuration Guide.
10.
Create a local user and enter
local user view.
local-user user-name
By default, no local user exists.
11.
Set the local password.
password { cipher | simple }
password
By default, no local password is
set.
12.
Specify the command level of
the local user.
authorization-attribute level level
Optional.
By default, the command level is 0.
13.
Specify the service type for the
local user.
service-type ssh
By default, no service type is
specified.
14.
Exit to system view.
quit
N/A
15.
Create an SSH user, and
specify the authentication
mode for the SSH user.
ssh user username service-type
stelnet authentication-type
{ password | { any |
password-publickey | publickey }
assign publickey keyname }
Optional.
By default, no SSH user exists, and
no authentication mode is
specified.
16.
Configure common settings
for VTY user interfaces.
N/A
Optional.
See "
."