13
Step Command Remarks
2.
Enable Telnet server.
telnet server enable
By default, the Telnet server function is
enabled.
3.
Enter one or multiple VTY
user interface views.
user-interface vty
first
-
number
[
last-number
]
N/A
4.
Enable scheme
authentication.
authentication-mode
scheme
By default, password authentication is
enabled for VTY user interfaces.
Whether local, RADIUS, or
HWTACACS authentication is adopted
depends on the configured AAA
scheme.
By default, local authentication is
adopted.
5.
Enable command
authorization.
command authorization
Optional.
By default, command authorization is
disabled. The commands available for
a user only depend on the user
privilege level.
6.
Enable command
accounting.
command accounting
Optional.
By default, command accounting is
disabled. The accounting server does
not record the commands executed by
users.
7.
Exit to system view.
quit
N/A
8.
Apply an AAA
authentication scheme to
the intended domain.
a.
Enter ISP domain view:
domain
domain-name
b.
Apply an AAA scheme to
the domain:
authentication default
{
hwtacacs-scheme
hwtacacs-scheme-name
[
local
] |
local
|
none
|
radius-scheme
radius-scheme-name
[
local
] }
c.
Exit to system view:
quit
Optional.
By default, local authentication is used.
For local authentication, configure
local user accounts.
For RADIUS or HWTACACS
authentication, configure the RADIUS
or HWTACACS scheme on the device
and configure authentication settings
(including the username and password)
on the server.
For more information about AAA
configuration, see
Security
Configuration Guide
.
9.
Create a local user and
enter local user view.
local-user
user-name
N/A
10.
Set a password.
password
{
cipher
|
simple
}
password
N/A
11.
Specify the command
level of the local user.
authorization-attribute level
level
Optional.
12.
Specify Telnet service for
the local user.
service-type
telnet
N/A
13.
Exit to system view.
quit
N/A
14.
Configure common
See "