37
CONFIGURING TERMINAL ACCESS
SECURITY
This chapter provides an overview to the security features provided for terminal
access of 3Com routers and covers the following topics:
■ Terminal Access Security Overview
■ Configuring Terminal Access Security
■ EXEC Configuration Example
Terminal Access
Security Overview
3Com routers adopt cascade protection for the command line interface, and
divide terminal access users into three types:
■ Administrators
■ Operators
■ Guests
A guest user can only log onto the router to execute the interconnectivity test
commands, such as ping, tracert, pad. An operator user can only view the running
and debugging information of the router. An administrator user can not only view
all the router information, but can also configure and maintain the router. All users
need to authenticate the usernames and passwords when visiting the router.
The command line interface (CLI) provides the following features for terminal
users:
■ For security, password input is not displayed on the terminal screen.
■ If an illegal user attempts to break into the system by testing different
passwords, access is automatically denied if the wrong password is entered
consecutively three times.
Users can set the terminal timeout time. If a terminal user makes no keyboard
input within a certain time, the access is disconnected automatically, so as to avoid
illegal access to the router.
Configuring Terminal
Access Security
Terminal access security includes tasks described in the following sections:
■ Configuring a User
■ Configuring User Login Authentication
Configuring a User Perform the following configurations in system view.
Table 595 Configure a User
Operation Command