H3C Technologies H3C S3600 Series Switches User Manual
Page 91
9-3
Follow these steps to set a password for use level switching:
To do…
Use the command…
Remarks
Enter system view
system-view
—
Set the super password for
user level switching
super password [ level level ]
{ cipher | simple } password
Required
The configuration will take
effect on all user interfaces.
By default, the super password
is not set.
The super password is for level switching only and is different from the login password..
Adopting HWTACACS authentication for user level switching
To implement HWTACACS authentication for user level switching, a level-3 user must perform the
commands listed in the following table to configure the HWTACACS authentication scheme used for
low-to-high user level switching. With HWTACACS authentication enabled, you can pass the
HWTACACS authentication successfully only after you provide the right user name and the
corresponding password as prompted. Note that if you have passed the HWTACACS authentication
when logging in to the switch, only the password is required.
The following table lists the operations to configure HWTACACS authentication for user level switching,
which can only be performed by Level-3 users.
Follow these steps to set the HWTACACS authentication scheme for user level switching:
To do…
Use the command…
Remarks
Enter system view
system-view
—
Enter ISP domain view
domain domain-name
—
Set the HWTACACS
authentication scheme for
user level switching
authentication super
hwtacacs-scheme
hwtacacs-scheme-name
Required
By default, the HWTACACS
authentication scheme for user level
switching is not set.
When setting the HWTACACS authentication scheme for user level switching using the authentication
super hwtacacs-scheme command, make sure the HWTACACS authentication scheme identified by
the hwtacacs-scheme-name argument already exists. Refer to AAA Operation for information about
HWTACACS authentication scheme.