华为交换机console口登录账号密码设置案例

华为交换机console口登录账号密码设置案例

    

一、配置需求

1、配置S5700-核心交换机console口登录需要密码验证

2、配置S5700-核心交换机console口登录需要账号和密码验证

二、配置步骤

2.1、配置S5700-核心交换机console口登录需要密码验证步骤

2.1.1、进入系统视图

<Huawei>sys  

<Huawei>system-view

Enter system view, return user view with Ctrl+Z.

[Huawei]

2.1.2、进入Console用户界面视图

[Huawei]user-interface console 0

[Huawei-ui-console0]

2.1.3、设置用户验证方式为密码验证

[Huawei-ui-console0]authentication-mode ?

  aaa       AAA authentication

  none      Login without checking

  password  Authentication through the password of a user terminal interface

[Huawei-ui-console0]authentication-mode password

[Huawei-ui-console0]

2.1.4、设置验证密码，输入的密码可以是明文或密文

[Huawei-ui-console0]set authentication password ?

  cipher  Set the password with cipher text

  simple  Set the password in plain text

 [Huawei-ui-console0]set authentication password cipher ?

  STRING<1-16>/<24>  Plain text/cipher text password

[Huawei-ui-console0]set authentication password cipher wlgcs.cn

[Huawei-ui-console0]

[Huawei-ui-console0]q

[Huawei]q

<Huawei>sa

2.2、配置S5700-核心交换机console口登录需要账号和密码验证

2.2.1、设置用户验证方式为AAA验证

[Huawei-ui-console0]authentication-mode ?

  aaa       AAA authentication

  none      Login without checking

  password  Authentication through the password of a user terminal interface

[Huawei-ui-console0]authentication-mode aaa

[Huawei-ui-console0]

2.2.2、退出Console用户界面视图，进入AAA视图

[Huawei-ui-console0]qu

[Huawei]aaa

[Huawei-aaa]

2.2.3、配置登录账号名和密码

[Huawei-aaa]local-user ?

  STRING<1-64>  User name, in form of 'user@domain'. Can use wildcard '*',

                while displaying and modifying, such as *@isp,user@*,*@*.Can

                not include invalid character / \ : * ? " < > | @ '

[Huawei-aaa]local-user wlgcs password ?

  cipher  User password with cipher text

  simple  User password with plain text

[Huawei-aaa]local-user wlgcs password cipher ?

  STRING<1-16>/<24>  The UNENCRYPTED/ENCRYPTED password string

[Huawei-aaa]local-user wlgcs password cipher wlgcs.cn

Info: Add a new user.

[Huawei-aaa]

2.2.4、配置账号的接入类型为Console用户

[Huawei-aaa]local-user wlgcs ?

  access-limit   Set access limit of user(s)

  ftp-directory  Set user(s) FTP directory permitted

  idle-timeout   Set the timeout period for terminal user(s)

  password       Set password

  privilege      Set admin user(s) level

  service-type   Service types for authorized user(s)

  state          Activate/Block the user(s)

[Huawei-aaa]local-user wlgcs service-type ?

  8021x     802.1x user

  bind      Bind authentication user

  ftp       FTP user

  http      Http user

  ppp       PPP user

  ssh       SSH user

  telnet    Telnet  user

  terminal  Terminal user

  web       Web authentication user

  x25-pad   X25-pad user

  

[Huawei-aaa]local-user wlgcs service-type terminal

[Huawei-aaa]

[Huawei-aaa]q

[Huawei]q

<Huawei>sa

三、配置验证

3.1、验证S5700-核心交换机console口登录需要密码

Please Press ENTER.

Login authentication

Password:                             # 输入密码wlgcs.cn 回车登录

<Huawei>

3.2、验证S5700-核心交换机console口登录需要账号和密码

Please Press ENTER.

Login authentication

Username:wlgcs

Password:                               # 输入密码wlgcs.cn 回车登录

<Huawei>

四、配置信息

4.1、S5700-核心交换机console口登录需要密码验证配置信息

#

user-interface con 0

 authentication-mode password

 set authentication password cipher =!|}D)F/uV:.`&R&e7S(W>A#

user-interface vty 0 4

#

4.2、S5700-核心交换机console口登录需要账号和密码验证配置信息

#

aaa

 authentication-scheme default

 authorization-scheme default

 accounting-scheme default

 domain default

 domain default_admin

 local-user admin password simple admin

 local-user admin service-type http

 local-user wlgcs password cipher )UB'#XU&R,=NZPO3JBXBHA!!

 local-user wlgcs service-type terminal

#

user-interface con 0

 authentication-mode aaa

 set authentication password cipher =!|}D)F/uV:.`&R&e7S(W>A#

user-interface vty 0 4

#