Configuring Login Through the Console Port
Local login through the console port is of high rights. If you cannot log in to a switch remotely, connect a PC to the console port of the switch for local login.
Common Configurations for Login Through the Console Port
By default, you can directly log in to a switch using the user name for the first login and the changed password without any extra configuration. To add a console user or change user information, perform the following steps:
- Set an authentication mode for accessing the console user interface.
- Configure authentication information and a user privilege level for the console user interface.
Procedure
- Set an authentication mode for accessing the console user interface.
Set the authentication mode for the console user interface to AAA:
To use AAA authentication, you need to configure the authentication information, access type, and user privilege level for the AAA user.
<HUAWEI> system-view [HUAWEI] user-interface console 0 //Enter the console user interface. [HUAWEI-console0] authentication-mode aaa //Set the authentication mode to AAA authentication. [HUAWEI-console0] quit
Set the authentication mode for the console user interface to password:
To use password authentication, you need to configure the level and login password of the VTY user interface.
<HUAWEI> system-view [HUAWEI] user-interface console 0 //Enter the console user interface. [HUAWEI-console0] authentication-mode password //Set the authentication mode for accessing the console user interface to password authentication.
If none authentication is used, any user can be successfully authenticated without entering the user name and password. In actual scenarios, AAA authentication is more secure and is therefore recommended.
If you configure the console user interface after login through the console port, the configuration takes effect at your next login.
For device security purposes, change the password periodically.
- Configure authentication information and a user privilege level for the console user interface.
Set the authentication mode for the console user to AAA:
To use AAA authentication, you need to configure the authentication information, access type, and user privilege level for the AAA user.
[HUAWEI] aaa [HUAWEI-aaa] local-user admin123 password irreversible-cipher abcd@123 //Create a local user admin123 and set the password to abcd@123. [HUAWEI-aaa] local-user admin123 privilege level 15 //Set the level of the local user admin123 to 15. Warning: This operation may affect online users, are you sure to change the user privilege level ?[Y/N]y [HUAWEI-aaa] local-user admin123 service-type terminal //Set the access type of the local user admin123 to terminal user, namely, console user.
Set the authentication mode for the console user to password:
To use password authentication, you need to configure the level and login password of the VTY user interface.
[HUAWEI-console0] authentication-mode password //Set the authentication mode for accessing the console user interface to password authentication. [HUAWEI-console0] set authentication password cipher abcd@123 //Set the login password to abcd@123. By default, users who log in to a device using the console interface are at level 15.
- Connect to the switch through the console port, press Enter, and enter the user name and password configured for AAA authentication in the login window, to log in to the switch. (In this example, the user name is admin123 and the password is abcd@123.)
Login authentication Username:admin123 Password: <HUAWEI>
Verifying the Configuration
- Run the display users [ all ] command to check user login information on the user interface.
- Run the display user-interface console 0 command to check user interface information.
- Run the display local-user command to check the local user attributes.
- Run the display access-user command to check information about online users.
Related Commands
For detailed command description, see Command Reference.
Function |
Command |
Description |
|---|---|---|
Set an authentication mode for accessing a console user interface. |
authentication-mode { aaa | password | none } |
By default, AAA authentication is used. If AAA authentication is selected, you need to configure information about the local AAA user as follows:
|
Configure the login password for accessing a console user interface. |
set authentication password [ cipher password ] |
If password authentication is selected, you need to use this command to set the authentication password. |
Set the level of users who are allowed to access a console user interface. |
user privilege level level |
The default user privilege level is 15. The user privilege level set using this command does not take effect for AAA users. The level of AAA users depends on the local user privilege level in the AAA configuration information. |
Function |
Command |
Description |
|---|---|---|
Disable the console port login function. |
console0 disable |
By default, the console port login function is enabled. |
Set the flow control mode of a console user interface. |
flow-control { hardware | none | software } |
By default, the flow control mode is none, that is, flow control is not performed. |
Set the data bit of a console user interface. |
databits { 5 | 6 | 7 | 8 } |
The default data bit is 8. |
Set the parity bit of a console user interface. |
parity { even | mark | none | odd | space } |
By default, the parity bit is none, that is, no check is performed. |
Set the stop bit of a console user interface. |
stopbits { 1 | 1.5 | 2 } |
The default stop bit is 1. |
Set the baud rate of a console user interface. |
speed speed-value |
The default transmission rate is 9600 bit/s. |
Set the console user interface inactivity timeout. |
idle-timeout minutes [ seconds ] |
The default timeout value is 10 minutes. |
Set the number of lines displayed on a terminal screen. |
screen-length screen-length |
The default number of lines displayed on a terminal screen is 24. |
Set the number of columns displayed on a terminal screen. |
screen-width screen-width |
The default number of columns displayed on a terminal screen is 80. |
Set the size of the historical command buffer on a console user interface. |
history-command max-size size-value |
By default, a maximum of 10 historical commands can be saved in the buffer. |