No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search


To have a better experience, please upgrade your IE browser.


S1720, S2700, S3700, S5700, S6700, S7700, and S9700 Series Switches Common Operation Guide

This document describes the CLI-based configurations of universal protocols and common features for Huawei switches on basic networks.

Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
Configuring Authentication for Telnet Login Users (AAA Local Authentication)

Configuring Authentication for Telnet Login Users (AAA Local Authentication)


The authentication mode must be specified on the device; otherwise, users cannot log in to the device through Telnet. The device supports non-authentication, password authentication, and AAA authentication, in which AAA authentication has the highest security.

To authenticate the Telnet users through AAA, enable the Telnet service on the device, set the authentication mode of the user interface (for example, VTY) to aaa, create a local account in the AAA view, and set the user access type and user level.

<HUAWEI> system-view
[HUAWEI] telnet server enable  //Enable the Telnet service.
[HUAWEI] user-interface maximum-vty 15  //Set the maximum number of VTY login users to 15.
[HUAWEI] user-interface vty 0 14  //Enter the view of VTY users at level 0-14.
[HUAWEI-ui-vty0-14] authentication-mode aaa  //Set the VTY authentication mode to AAA.
[HUAWEI-ui-vty0-14] protocol inbound telnet  //Configure the VTY user interface to support Telnet. By default, switches in V200R006 and earlier versions support Telnet, and switches in V200R007 and later versions support SSH.
[HUAWEI-ui-vty0-14] quit
[HUAWEI] aaa
[HUAWEI-aaa] local-user user1 password irreversible-cipher Huawei@1234  //Create the local user user1 and set the password. The password is displayed in cipher text in the configuration file, so remember the password. If you forget the password, run this command again to overwrite the old configuration.
[HUAWEI-aaa] local-user user1 service-type telnet  //Set the access type of user1 to Telnet. This user can only log in to the device through Telnet.
[HUAWEI-aaa] local-user user1 privilege level 15  //Set the user level of user1 to 15. After login, the user can run the commands at level 0-15.
[HUAWEI-aaa] quit
Updated: 2018-09-03

Document ID: EDOC1000057410

Views: 123053

Downloads: 13188

Average rating:
This Document Applies to these Products

Related Version

Related Documents

Previous Next