5-6
Table 5-5 Set the HWTACACS authentication scheme for user level switching
Operation Command Description
Enter system view
system-view
—
Enter ISP domain view
domain domain-name
—
Set the HWTACACS
authentication scheme for
user level switching
authentication super
hwtacacs-scheme
hwtacacs-scheme-name
Required
By default, the HWTACACS
authentication scheme for user level
switching is not set.
When setting the HWTACACS authentication scheme for user level switching using the authentication
super hwtacacs-scheme command, make sure the HWTACACS authentication scheme identified by
the hwtacacs-scheme-name argument already exists. Refer to AAA Operation for information about
HWTACACS authentication scheme.
Switching to a specific user level
Table 5-6 Switch to a specific user level
Operation Command Remarks
Switch to a specified user level super [ level ]
Required
Execute this command in user view.
z If no user level is specified in the super password command or the super command, level 3 is
used by default.
z For security purpose, the password entered is not displayed when you switch to another user level.
You will remain at the original user level if you have tried three times but failed to enter the correct
authentication information.
Configuration example
After a general user telnets to the switch, his/her user level is 0. Now, the network administrator wants to
allow general users to switch to level 3, so that they are able to configure the switch.
1) Super password authentication configuration example
z The administrator configures the user level switching authentication policies.
# Set the user level switching authentication mode for VTY 0 users to super password authentication.
<Sysname> system-view
[Sysname] user-interface vty 0
[Sysname-ui-vty0] super authentication-mode super-password
To Next Page
Loading...