Switching to a higher user privilege level – H3C Technologies H3C SecPath F1000-E User Manual
Page 122
114
Step Command
Remarks
2.
Set the authentication mode
for user privilege level
switching.
super authentication-mode { local
| scheme } *
Optional.
By default, local-only
authentication is used.
3.
Configure the password for a
user privilege level.
super password [ level user-level ]
{ cipher | simple } password
Required for local authentication.
By default, a privilege level has no
password.
If no user privilege level is specified
when you configure the command,
the user privilege level defaults to
3.
If local-only authentication is used, a console user interface user (a user logged in through the console
port) can switch to a higher privilege level even if the privilege level has not been assigned a password.
If you specify the simple keyword, the password is saved in the configuration file in plain text, which is
easy to be stolen. If you specify the cipher keyword, the password is saved in the configuration file in
cipher text, which is safer.
Switching to a higher user privilege level
Before you switch to a higher user privilege level, obtain the required authentication data as described
in
.
The privilege level switching fails after three consecutive unsuccessful password attempts.
To switch the user privilege level, perform the following task in user view:
Task Command
Remarks
Switch the user privilege level.
super [ level ]
When logging in to the device, a
user has a user privilege level,
which depends on user interface or
authentication user level.
Table 25 Information required for user privilege level switching
User interface
authentication
mode
User privilege level
switching
authentication
mode
Information required for
the first authentication
mode
Information required for the
second authentication mode
none/password
local
Password configured on the
device with the super
password command for the
privilege level
N/A
local scheme
Password configured on the
device with the super
password command for the
privilege level
Username and password
configured on the AAA server for
the privilege level
scheme
Username and password for
the privilege level
N/A
- H3C SecPath F5000-A5 Firewall H3C SecPath F1000-A-EI H3C SecPath F1000-E-SI H3C SecPath F1000-S-AI H3C SecPath F5000-S Firewall H3C SecPath F5000-C Firewall H3C SecPath F100-C-SI H3C SecPath F1000-C-SI H3C SecPath F100-A-SI H3C SecBlade FW Cards H3C SecBlade FW Enhanced Cards H3C SecPath U200-A U200-M U200-S H3C SecPath U200-CA U200-CM U200-CS