H3C Technologies H3C SecPath F1000-E User Manual
Page 37
29
Step Command
Remarks
1.
Enter system view.
system-view
N/A
2.
Create local key pair(s).
public-key local create { dsa | rsa }
By default, no local key pair(s) are
created.
3.
Enable SSH server.
ssh server enable
By default, SSH server is disabled.
4.
Exit to system view.
quit
N/A
5.
Enter one or more VTY user
interface views.
user-interface vty first-number
[ last-number ]
N/A
6.
Specify the scheme
authentication mode.
authentication-mode scheme
By default, authentication mode for
VTY user interfaces is password.
7.
Enable the current user
interface to support either
Telnet, SSH, or both of them.
protocol inbound { all | ssh }
Optional.
By default, both protocols are
supported.
8.
Enable command
authorization.
command authorization
Optional.
By default, command authorization
is not enabled.
By default, command level for a
login user depends on the user
privilege level. The user is
authorized the command with the
default level not higher than the
user privilege level. With the
command authorization
configured, the command level for
a login user is determined by both
the user privilege level and AAA
authorization. If a user executes a
command of the corresponding
command level, the authorization
server checks whether the
command is authorized. If yes, the
command can be executed.
- H3C SecPath F5000-A5 Firewall H3C SecPath F1000-A-EI H3C SecPath F1000-E-SI H3C SecPath F1000-S-AI H3C SecPath F5000-S Firewall H3C SecPath F5000-C Firewall H3C SecPath F100-C-SI H3C SecPath F1000-C-SI H3C SecPath F100-A-SI H3C SecBlade FW Cards H3C SecBlade FW Enhanced Cards H3C SecPath U200-A U200-M U200-S H3C SecPath U200-CA U200-CM U200-CS