信息网络培训学习第三天,今天在H3C交换机S5500实机(v5)及H3C交换机S5130(v7)模拟器上配置telnet。
本文分别记录在H3C v5和v7系统版本下的telnet配置命令。
H3C v5
v5版本下telnet有三种模式,用户权限为level0~3。
none
1
2
3
4
5
| <H3C>system-view
[H3C]telnet server enable
[H3C]user-interface vty 0 4
[H3C-ui-vty0-4]authentication-mode none
[H3C-ui-vty0-4]user privilege level 3
|
登录测试:
password
1
2
3
4
5
6
| <H3C>system-view
[H3C]telnet server enable
[H3C]user-interface vty 0 4
[H3C-ui-vty0-4]authentication-mode password
[H3C-ui-vty0-4]set authentication password simple 123456
[H3C-ui-vty0-4]user privilege level 3
|
登录测试:
scheme
1
2
3
4
5
6
7
8
9
10
| <H3C>system-view
[H3C]telnet server enable
[H3C]user-interface vty 0 4
[H3C-ui-vty0-4]authentication-mode scheme
[H3C-ui-vty0-4]user privilege level 3
[H3C-ui-vty0-4]quit
[H3C]local-user admin
[H3C-luser-admin]password simple 123456 //simple明文、cipher密文
[H3C-luser-admin]service-type telnet
[H3C-luser-admin]authorization-attribute user privilege level 3
|
登录测试:
其它
- 当权限设置为非3的时候,如果需要使用3级权限,可以配置超级密码
1
| [H3C]super password level 3 cipher/simple ******
|
- 本地用户的密码相关配置
1
2
3
| [H3C-luser-admin]password-control aging 10 //老化时间10天
[H3C-luser-admin]password-control composition type-number 3 type-length 5 //密码元素的最少组合类型为3种,每种元素最少5个
[H3C-luser-admin]password-control length 10 //最小长度为10
|
- vty用户的超时配置
1
| [H3C-ui-vty0-4]idle-timeout 5 30 //超时时间为5分30秒
|
H3C v7
v5版本下telnet有三种模式,用户权限为level0~15、network-admin、network-operator(缺省)。
none
1
2
3
4
5
| <H3C>system-view
[H3C]telnet server enable
[H3C]line vty 0 4
[H3C-line-vty0-4]authentication-mode none
[H3C-line-vty0-4]user-role network-admin
|
password
1
2
3
4
5
6
| <H3C>system-view
[H3C]telnet server enable
[H3C]line vty 0 4
[H3C-line-vty0-4]authentication-mode password
[H3C-line-vty0-4]set authentication password simple 123456
[H3C-line-vty0-4]user-role network-admin
|
scheme
1
2
3
4
5
6
7
8
9
10
| <H3C>system-view
[H3C]telnet server enable
[H3C]line vty 0 4 //与[H3C]user-interface vty 0 4效果一致
[H3C-line-vty0-4]authentication-mode scheme
[H3C-line-vty0-4]user-role network-admin
[H3C-line-vty0-4]quit
[H3C]local-user admin [class] [manage]//默认加入manage组
[H3C-luser-manage-admin]password simple 123456 //simple明文、hash密文
[H3C-luser-manage-admin]service-type telnet
[H3C-luser-manage-admin]authorization-attribute user-role network-admin
|
其它
- 配置用户分级密码,使用
super <level>命令切换权限
1
| [H3C]super password role network-admin hash/simple ******
|
- 本地用户的密码相关配置
1
2
3
4
5
6
| [H3C-luser-manage-admin]password-control aging 10 //老化时间10天
[H3C-luser-manage-admin]password-control composition type-number 3 type-length 5 //密码元素的最少组合类型为3种,每种元素最少5个
[H3C-luser-manage-admin]password-control length 10 //最小长度为10
[H3C-luser-manage-admin]password-control login-attempt 5 //重复尝试登录次数为5
[H3C-luser-manage-admin]password-control complexity same-character check //禁止密码中出现3个及以上重复字符串
[H3C-luser-manage-admin]password-control complexity user-name check //禁止密码中出现用户名
|
- vty用户的超时配置
1
| [H3C-line-vty0-4]idle-timeout 5 30 //超时时间为5分30秒
|