beautypg.com

Configuration procedure – H3C Technologies H3C S3600 Series Switches User Manual

Page 59

background image

3-3

Authentication

mode

Telnet configuration

Description

Specify to
perform local
authentication or
remote RADIUS
authentication

AAA configuration
specifies whether to
perform local
authentication or
RADIUS authentication

Optional

Local authentication is
performed by default.

Refer to the AAA part for
more.

Configure user
name and
password

Configure user names
and passwords for
local/RADIUS users

Required

The user name and
password of a local user are
configured on the switch.

The user name and
password of a remote user
are configured on the
RADIUS server. Refer to
user manual of RADIUS
server for more.

Manage VTY
users

Set service type for
VTY users

Required

Scheme

Perform common
configuration

Perform common
Telnet configuration

Optional

Refer to

Table 3-2

.

To improve security and prevent attacks to the unused Sockets, TCP 23 and TCP 22, ports for Telnet

and SSH services respectively, will be enabled or disabled after corresponding configurations.

z

If the authentication mode is none, TCP 23 will be enabled, and TCP 22 will be disabled.

z

If the authentication mode is password, and the corresponding password has been set, TCP 23

will be enabled, and TCP 22 will be disabled.

z

If the authentication mode is scheme, there are three scenarios: when the supported protocol is

specified as telnet, TCP 23 will be enabled; when the supported protocol is specified as ssh, TCP

22 will be enabled; when the supported protocol is specified as all, both the TCP 23 and TCP 22

port will be enabled.

Telnet Configuration with Authentication Mode Being None

Configuration Procedure

Follow these steps to configure Telnet with the authentication mode being none:

To do…

Use the command…

Remarks

Enter system view

system-view

Enter one or more VTY user
interface views

user-interface vty
first-number [ last-number ]

Configure not to authenticate
users logging in to VTY user
interfaces

authentication-mode none

Required

By default, VTY users are
authenticated after logging in.

This manual is related to the following products:
See also other documents in the category H3C Technologies Routers: