Displaying and maintaining aaa, Aaa configuration examples, Aaa for ssh users by an hwtacacs server – H3C Technologies H3C S6300 Series Switches User Manual

47

Setting the maximum number of concurrent login

users

Perform this task to set the maximum number of concurrent users who can log on to the device through a

specific protocol, regardless of their authentication methods. The authentication methods include no

authentication, local authentication, and remote authentication.
To set the maximum number of concurrent login users:

Step Command

Remarks

1.

Enter system view.

system-view

N/A

2.

Set the maximum number of
concurrent login users.

•

In non-FIPS mode:

aaa session-limit { ftp | http |

https | ssh | telnet }
max-sessions

•

In FIPS mode:

aaa session-limit { https | ssh }
max-sessions

By default, the maximum number of
concurrent login users is 16 for

each user type.

Displaying and maintaining AAA

Execute the display command in any view.

Task Command

Display the configuration of ISP domains.

display domain [ isp-name ]

AAA configuration examples

AAA for SSH users by an HWTACACS server

Network requirements

As shown in

Figure 10

, configure the switch to meet the following requirements:

•

Use the HWTACACS server for SSH user authentication, authorization, and accounting.

•

Assign the default user role network-operator to SSH users after they pass authentication.

•

Send usernames without domain names to the HWTACACS server.

•

Use expert as the shared keys for secure HWTACACS communication.