No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

CLI-based Configuration Guide - Basic Configuration

AR500, AR510, AR531, AR550, AR1500, and AR2500 V200R010

This document provides the basic concepts, configuration procedures, and configuration examples in different application scenarios of the Basic configuration supported by the device.
Rate and give feedback :
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
Configuring an Authentication Mode for a VTY User Interface

Configuring an Authentication Mode for a VTY User Interface

You can configure an authentication mode for a VTY user interface to control user access through Telnet, which enhances login security.

Context

The system provides two authentication modes for a VTY user interface: AAA authentication and password authentication.

  • AAA authentication: Users must enter both user names and passwords for login. If either a user name or a password is incorrect, the login fails.

  • Password authentication: Users must enter passwords for login. Only after a user enters the correct password does the device allow the users to log in.

Procedure

  • Configure AAA authentication.
    1. Run system-view

      The system view is displayed.

    2. Run user-interface vty first-ui-number [ last-ui-number ]

      The VTY user interface view is displayed.

    3. Run protocol inbound { all | telnet }

      The VTY user interface is configured to support the Telnet protocol.

      By default, a VTY user interface supports the SSH and Telnet protocol.

    4. Run authentication-mode aaa

      The authentication mode is set to AAA authentication.

    5. (Optional) run authentication-domain domain-name

      An authentication domain is configured.

      By default, the authentication domain is default. If you want to change the currently used authentication domain for users on the VTY user interface, you can run this command.

    6. Run quit

      Exit the VTY user interface view.

    7. Run aaa

      The AAA view is displayed.

    8. Run local-user user-name password { cipher | irreversible-cipher } password

      A local user account is created and a password is configured.

    9. Run local-user user-name service-type telnet

      The access type of the local user is set to Telnet.

    10. Run quit

      Exit the AAA view.

  • Configure password authentication.
    1. Run system-view

      The system view is displayed.

    2. Run user-interface vty first-ui-number [ last-ui-number ]

      The VTY user interface view is displayed.

    3. Run protocol inbound { all | telnet }

      The VTY user interface is configured to support the Telnet protocol.

      By default, a VTY user interface supports the SSH and Telnet protocol.

    4. Run authentication-mode password

      The authentication mode is set to password authentication.

    5. Run set authentication password cipher

      An authentication password is set.

Translation
Download
Updated: 2019-05-20

Document ID: EDOC1100034225

Views: 44792

Downloads: 100

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Share
Previous Next