H3C Technologies H3C S3100 Series Switches User Manual

Operation Manual – Login

H3C S3100-52P Ethernet Switch

Chapter 3 Logging in through Telnet

3-3

Authentication

mode

Telnet configuration

Description

Specify to

perform local

authenticatio

n or RADIUS

authenticatio

n

AAA

configuration

specifies

whether to

perform local

authenticatio

n or RADIUS

authenticatio

n

Optional
Local authentication is

performed by default.
Refer to the

AAA&RADIUS&HWTACACS&E

AD module for more.

Configure

user name

and

password

Configure

user names

and

passwords

for

local/RADIU

S users

Required

z

The user name and

password of a local user are

configured on the switch.

z

The user name and

password of a remote user

are configured on the

DADIUS server. Refer to user

manual of RADIUS server for

more.

Manage

VTY users

Set service

type for VTY

users

Required

Scheme

Perform

common

configuration

Perform

common

Telnet

configuration

Optional
Refer to Table 3-2.

Note:

To improve security and avoid malicious attack to the unused SOCKETs, TCP 23 and
TCP 22, ports for Telnet and SSH services respectively, will be enabled or disabled
after corresponding configurations.

z

If the authentication mode is none, TCP 23 will be enabled, and TCP 22 will be
disabled.

z

If the authentication mode is password, and the corresponding password has been
set, TCP 23 will be enabled, and TCP 22 will be disabled.

z

If the authentication mode is scheme, there are three scenarios: when the
supported protocol is specified as telnet, TCP 23 will be enabled; when the
supported protocol is specified as ssh, TCP 22 will be enabled; when the supported
protocol is specified as all, both the TCP 23 and TCP 22 port will be enabled.