No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

Command Reference 10

OceanStor 5300 V3, 5500 V3, 5600 V3, 5800 V3, and 6800 V3 Storage System V300R003

"Based on the CLI, this document describes how to use various commands classified by functions and how to set the CLI and manage the storage system through these commands. The document that you browse online matches the latest C version of the product. Click Download to download documents of other C versions."
Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
change snmp safe_strategy

change snmp safe_strategy

Function

The change snmp safe_strategy command is used to change the security policy of the SNMP service.

Format

change snmp safe_strategy [ pwd_min_length=? ] [ pwd_max_length=? ] [ pwd_complex=? ] [ diff_community=? ] [ diff_usm_pwd=? ] [ diff_usm_name=? ] [ check_time=? ] [ retry_times=? ] [ lock_time=? ]

Parameters

Parameter

Description

Value

pwd_min_length=? Minimum length of a community and USM account password.

The value is an integer from 4 to 32.

pwd_max_length=? Maximum length of a community and USM account password.

The value is an integer from 4 to 32.

pwd_complex=? Password complexity.

The value can be "Normal", "Low" or "High", where:

  • "Normal": The password must contain special characters and at least two types of the following characters: uppercase letters, lowercase letters, and digits.
  • "High": The password must contain special characters, uppercase letters, lowercase letters, and digits.
  • "Low": The password contain any types of the following characters: special characters, uppercase letters, lowercase letters and digits.
NOTE:
The special characters including ` ~ ! @ # $ % ^ & * ( ) - _ = + \ | [ { } ] ; : ' " , < . > / ? and space.
diff_community=? Different read-only and read-write community.

The value can be "yes" or "no".

diff_usm_pwd=? The USM user authentication password must be different from the encryption password.

The value can be "yes" or "no".

check_time=? Continuous authentication failure check time.

Values range: an integer from 1 to 600. The unit is second.

retry_times=? Continuous authentication failure times.

Values range:an integer from 3 to 100.

lock_time=? Network management software IP locking duration.

Values range: an integer from 10 to 3600. The unit is second.

diff_usm_name=? The USM user password is different from the user name or reversed user name.

The value can be "yes" or "no".

Level

Administrator

Usage Guidelines

  • If the continuous authentication failure check time is 60 seconds, the continuous authentication failure times is 4 times, and the network management software IP locking duration is 180 seconds, the IP address of the network management software will be locked by the SNMP service for 180 seconds when the software authentication fails for four consecutive times after the access to the SNMP service in 60 seconds. The SNMP service will deny all SNMP request packets from the locked IP address.
  • For security purposes, it is recommended that the password contain at least eight characters and the password complexity mode be set to "Normal" or "High".

Example

  • Setting the security policy for the SNMP service. The complexity requirement for the communities and the password of the USM user is Normal. The read and write communities must be different.

    admin:/>change snmp safe_strategy pwd_complex=Normal diff_community=yes
    Command executed successfully.
  • Setting the security policy for the SNMP service. The consecutive authentication failure check time is set to 60 seconds, the number of allowed consecutive authentication failures is set to four times, and the network management software IP address lock duration is set to 180 seconds.

    admin:/>change snmp safe_strategy check_time=60 retry_times=4 lock_time=180
    Command executed successfully.
  • Setting the security policy for the SNMP service. The communities and the password of the USM user contain at least four characters respectively.

    admin:/>change snmp safe_strategy pwd_min_length=4
    CAUTION: You are about to change the SNMP security policy.
    Suggestion: Set the minimum password length to at least 6 characters.
    Do you wish to continue?(y/n)y
    Command executed successfully.
  • Setting the security policy for the SNMP service. The complexity requirement for the communities and the password of the USM user is Low.

    admin:/>change snmp safe_strategy pwd_complex=Low 
    CAUTION: You are about to change the SNMP security policy.
    Suggestion: Set the password complexity to "Normal" or "High".
    Do you wish to continue?(y/n)y
    Command executed successfully.
  • Setting the security policy for the SNMP service. The communities and the password of the USM user contain at least four characters respectively, and the complexity requirement for the communities and the password of the USM user is Low.

    admin:/>change snmp safe_strategy pwd_complex=Low pwd_min_length=4
    CAUTION: You are about to change the SNMP security policy.
    Suggestion: Set the minimum password length to at least 6 characters.Set the password complexity to "Normal" or "High".
    Do you wish to continue?(y/n)y
    Command executed successfully.

System Response

None

Translation
Download
Updated: 2019-07-22

Document ID: EDOC1000084195

Views: 362946

Downloads: 1590

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Share
Previous Next