beautypg.com

H3C Technologies H3C S12500-X Series Switches User Manual

Page 32

background image

20

Step Command

Remarks

2.

Add a local user and enter
local user view.

local-user user-name [ class
{ manage | network } ]

By default, no local user exists.

3.

(Optional.) Configure a
password for the local

user.

For a network access user:

password { cipher | simple }

password

For a device management user:

{

In non-FIPS mode:
password [ { hash | simple }

password ]

{

In FIPS mode:

password

Network access user passwords are
encrypted with the encryption
algorithm and saved in ciphertext.

Device management user passwords

are encrypted with the hash
algorithm and saved in ciphertext.
A local user with no password
configured directly passes

authentication after providing the

valid local username and attributes.
To enhance security, configure a

password for each local user.

4.

Assign services for the
local user.

For a network access user:

service-type lan-access

For a device management user:

{

In non-FIPS mode:
service-type { ftp | { ssh |

telnet | terminal } * }

{

In FIPS mode:

service-type { ssh | terminal }

*

By default, no service is authorized to
a local user.

5.

(Optional.) Place the local
user to the active or

blocked state.

state { active | block }

By default, a created local user is in
active state and can request network
services.

6.

(Optional.) Set the upper
limit of concurrent logins

using the local user name.

access-limit max-user-number

By default, the number of concurrent
logins is not limited for the local user.
This command takes effect only when
local accounting is configured for the

local user. It does not apply to FTP
users, who do not support

accounting.

7.

(Optional.) Configure
binding attributes for the

local user.

bind-attribute { ip ip-address |
location interface interface-type

interface-number | mac

mac-address | vlan vlan-id } *

By default, no binding attribute is
configured for a local user.
Binding attribute ip applies only to
LAN users using 802.1X.
Binding attributes location, mac, and

vlan apply only to LAN users.

This manual is related to the following products:
See also other documents in the category H3C Technologies Routers: