H3C Technologies H3C S5120 Series Switches User Manual

Page 274

Advertising
background image

1-9

To do…

Use the command…

Remarks

Manually release the FTP
connection established with the
specified username

free ftp user username

Optional

Available in user view

Configuring Authentication and Authorization on the FTP Server

To allow an FTP user to access certain directories on the FTP server, you need to create an account for

the user, authorizing access to the directories and associating the username and password with the

account.

The following configuration is used when the FTP server authenticates and authorizes a local FTP user.

If the FTP server needs to authenticate a remote FTP user, you need to configure authentication,

authorization and accounting (AAA) policy instead of the local user. For detailed configuration, refer to

AAA Configuration.

In local authentication, the device checks the input username and password against those configured

on the device. In remote authentication, the device sends the input username and password to the

remote authentication server, which then checks whether they are consistent with those configured on

the device.

Follow these steps to configure authentication and authorization for FTP server:

To do…

Use the command…

Remarks

Enter system view

system-view

Create a local user
and enter its view

local-user user-name

Required

No local user exists by default, and the
system does not support FTP
anonymous user access.

Assign a password to
the user

password { simple | cipher }
password

Required

Assign the FTP
service to the user

service-type ftp

Required

By default, the system does not support
anonymous FTP access, and does not
assign any service. If the FTP service is
assigned, the root directory of the device
is used by default.

Configure user
properties

authorization-attribute { acl
acl-number | callback-number
callback-number | idle-cut
minute | level level |
user-profile profile-name |
vlan vlan-id | work-directory
directory-name } *

Optional

By default, the FTP/SFTP users can
access the root directory of the device,
and the user level is 0. You can change
the default configuration by using this
command.

Advertising
Popular Brands
Popular manuals