Filter
Top Products
To do… Use the command… Remarks
Enter system view system-view —
Enter user interface view
user-interface { first-num1
[ last-num1 ] | { aux | vty }
first-num2 [ last-num2 ] }
—
Configure the authentication mode
for any user that uses the current
user interface to log in to the switch
authentication-mode { none |
password }
Optional
By default, the authentication
mode for VTY user interfaces is
password, and no authentication is
needed for AUX login users.
Configure the privilege level of
users logged in through the current
user interface
user privilege level level
Optional
By default, the user privilege level
for users logged in through the
AUX user interface is 3, and that
for users logged in through the VTY
interfaces is 0.
Example of configuring a user privilege level under a user interface
# Authenticate users logged in to the switch through Telnet, verify their password, and specify their user
privilege level as 2.
<Sysname> system-view
[Sysname] user-interface vty 0 15
[Sysname-ui-vty0-15] authentication-mode password
[Sysname-ui-vty0-15] set authentication password cipher 123
[Sysname-ui-vty0-15] user privilege level 2
By default, Telnet users can use level 0 commands after passing authentication. After the configuration
above is completed, when users log in to the switch through Telnet, they need to input password 123, and
then they can use level 0, 1, and 2 commands.
NOTE:
• For more information about user interfaces, see the chapter “Logging in to the switch configuration.”
For
more information about the user-interface, authentication-mode, and user privilege level commands,
see the chapter “Logging in to the switch commands.”
• For more information about AAA authentication, see the
Security Configuration Guide
. For more
information about the local-user and authorization-attribute commands, see the
Security Command
Reference
.
• For more information about SSH, see the
Security Configuration Guide
.
Switching user privilege level
Introduction
Users can switch to a different user privilege level temporarily without logging out and terminating the
current connection. After the privilege level switch, users can continue to configure the switch without the
need to logging back in, but the commands that they can execute have changed. For example, if the
current user privilege level is 3, the user can configure system parameters. After switching to user
privilege level 0, the user can only execute simple commands, like ping and tracert, and only a few
16