91
To do… Use the command… Remarks
Quit to user view quit —
Manually release the FTP
connection established with the
specified username
free ftp user username
Optional
Available in user view
Configuring authentication and authorization on the FTP server
To allow an FTP user to access certain directories on the FTP server, you need to create an account for the
user, authorizing access to the directories and associating the username and password with the account.
The following configuration is used when the FTP server authenticates and authorizes a local FTP user. If
the FTP server needs to authenticate a remote FTP user, you need to configure authentication,
authorization and accounting (AAA) policy instead of the local user. For detailed configuration, see the
Security Command Reference.
In local authentication, the switch checks the input username and password against those configured on
the switch. In remote authentication, the switch sends the input username and password to the remote
authentication server, which then checks whether they are consistent with those configured on the switch.
Follow these steps to configure authentication and authorization for FTP server:
To do… Use the command…
Remarks
Enter system view system-view —
Create a local user and
enter its view
local-user user-name
Required
No local user exists by default, and the system
does not support FTP anonymous user access.
Assign a password to
the user
password { simple | cipher }
password
Required
Assign the FTP service to
the user
service-type ftp
Required
By default, the system does not support
anonymous FTP access, and does not assign
any service. If the FTP service is assigned, the
root directory of the switch is used by default.
Configure user
properties
authorization-attribute { acl
acl-number | callback-number
callback-number | idle-cut minute
| level level | user-profile
profile-name | user-role
security-audit | vlan vlan-id |
work-directory directory-name } *
Optional
By default, the FTP/SFTP users can access the
root directory of the switch, and the user level
is 0. You can change the default configuration
by using this command.
NOTE:
• For more information about the local-user, password, service-type ftp, and authorization-attribute
commands, see the
Security Command Reference
.
• When the switch serves as the FTP server, if the client is to perform the write operations (upload, delete,
create, and delete for example) on the device's file system, the FTP lo
in users must be level 3 users; if the
client is to perform other operations, for example, read operation, the switch has no restriction on the
user level of the FTP login users.
To Next Page
Loading...
Need help?
General