Switching to a higher user privilege level – H3C Technologies H3C SecPath F1000-E User Manual

Page 122

Advertising
background image

114

Step Command

Remarks

2.

Set the authentication mode
for user privilege level

switching.

super authentication-mode { local
| scheme } *

Optional.
By default, local-only

authentication is used.

3.

Configure the password for a
user privilege level.

super password [ level user-level ]
{ cipher | simple } password

Required for local authentication.
By default, a privilege level has no

password.
If no user privilege level is specified
when you configure the command,

the user privilege level defaults to

3.

If local-only authentication is used, a console user interface user (a user logged in through the console
port) can switch to a higher privilege level even if the privilege level has not been assigned a password.
If you specify the simple keyword, the password is saved in the configuration file in plain text, which is

easy to be stolen. If you specify the cipher keyword, the password is saved in the configuration file in

cipher text, which is safer.

Switching to a higher user privilege level

Before you switch to a higher user privilege level, obtain the required authentication data as described

in

Table 25

.

The privilege level switching fails after three consecutive unsuccessful password attempts.
To switch the user privilege level, perform the following task in user view:

Task Command

Remarks

Switch the user privilege level.

super [ level ]

When logging in to the device, a
user has a user privilege level,

which depends on user interface or

authentication user level.

Table 25 Information required for user privilege level switching

User interface

authentication

mode

User privilege level

switching

authentication

mode

Information required for

the first authentication

mode

Information required for the

second authentication mode

none/password

local

Password configured on the
device with the super

password command for the

privilege level

N/A

local scheme

Password configured on the
device with the super
password command for the

privilege level

Username and password
configured on the AAA server for

the privilege level

scheme

Username and password for
the privilege level

N/A

Advertising
This manual is related to the following products:

H3C SecPath F5000-A5 Firewall, H3C SecPath F1000-A-EI, H3C SecPath F1000-E-SI, H3C SecPath F1000-S-AI, H3C SecPath F5000-S Firewall, H3C SecPath F5000-C Firewall, H3C SecPath F100-C-SI, H3C SecPath F1000-C-SI, H3C SecPath F100-A-SI, H3C SecBlade FW Cards, H3C SecBlade FW Enhanced Cards, H3C SecPath U200-A U200-M U200-S, H3C SecPath U200-CA U200-CM U200-CS

Popular Brands
Popular manuals