Configuring authentication and authorization – H3C Technologies H3C S12500 Series Switches User Manual
Page 87
75
Step Command
Remarks
3.
Use an ACL to control FTP
clients' access to the device.
ftp server acl acl-number
Optional.
By default, no ACL is used to control
FTP clients' access to the device.
4.
Configure the idle-timeout
timer.
ftp timeout minutes
Optional.
30 minutes by default.
Within the idle-timeout time, if there is
no information interaction between
the FTP server and client, the
connection between them is
terminated.
5.
Set the file update mode for
the FTP server.
ftp update { fast | normal }
Optional.
Normal update is used by default.
6.
Return to user view.
quit
N/A
7.
Manually release the FTP
connection established with
the specified username.
free ftp user username
Optional.
Configuring authentication and authorization
Perform this task on the FTP server to authenticate FTP clients and specify the directories that
authenticated clients can access.
The following authentication modes are available:
•
Local authentication—The device looks up the client's username and password in the local user
account database. If a match is found, authentication succeeds.
•
Remote authentication—The device sends the client's username and password to a remote
authentication server for authentication. If this method is used, the user account is configured on the
remote authentication server rather than the device.
To assign an FTP user write access (including upload, delete, and create) to the device, assign level-3
(Manage) user privileges to the user. For read-only access to the file system, any user privilege level is
OK.
For more information, see the chapter on AAA configuration in Security Configuration Guide.
To configure authentication and authorization for FTP server:
Step Command
Remarks
1.
Enter system view.
system-view
N/A
2.
Create a local user
and enter its view. local-user user-name
No FTP authorized local user exists by default,
and the system does not support FTP
anonymous user access.
3.
Assign a password
to the user.
password { simple | cipher }
password
N/A
- H3C S12500-X Series Switches H3C S9800 Series Switches H3C S9500E Series Switches H3C S5560 Series Switches H3C S5130 Series Switches H3C S5120 Series Switches H3C SR8800 H3C SR6600-X H3C SR6600 H3C MSR 5600 H3C MSR 50 H3C MSR 3600 H3C MSR 30 H3C MSR 2600 H3C MSR 20-2X[40] H3C MSR 20-1X H3C MSR 930 H3C MSR 900 H3C WX3000E Series Wireless Switches H3C WX5500E Series Access Controllers H3C WX3500E Series Access Controllers H3C WX2500E Series Access Controllers H3C WX6000 Series Access Controllers H3C WX5000 Series Access Controllers H3C WX3000 Series Unified Switches H3C LSWM1WCM10 Access Controller Module H3C LSUM3WCMD0 Access Controller Module H3C LSUM1WCME0 Access Controller Module H3C LSWM1WCM20 Access Controller Module H3C LSQM1WCMB0 Access Controller Module H3C LSRM1WCM2A1 Access Controller Module H3C LSBM1WCM2A0 Access Controller Module H3C WA3600 Series Access Points H3C WA2600 Series WLAN Access Points H3C SecPath F5020 H3C SecPath F5040 H3C VMSG VFW1000 H3C S10500 Series Switches