Pre-configuration Tasks
Before configuring users to log in using STelnet, you must log in to the device through the
console port to change the default configurations on the device, so that users can remotely log
in to the device using Telnet to manage and maintain the device. The following default
configurations must be changed:
l Configuring the IP address of the management network port on the device and ensuring
that a reachable route exists between the user terminal and the device
l Configuring the user access level and authentication mode of the VTY user
interface for remote device management and maintenance.
l Configuring the VTY user interface to support the SSH protocol, configuring the SSH
user and specify STelnet as a service mode for the SSH user, and enabling the STelnet
server function so that the user can remotely log in to the device through STelnet
Data Preparation
To configure users to log in using STelnet, you need the following data:
No. Data
1 user authentication mode, username, and password, (optional)Maximum number of
VTY user interfaces allowed, (optional) ACL for restricting incoming and outgoing
calls on VTY user interfaces, (optional)connection timeout period for terminal users,
number of rows displayed in a terminal screen, size of the history command buffer
2 Username, password, authentication mode, and service type of an SSH user and
remote public RSA key pair allocated to the SSH user
3 (Optional) Name of an SSH server, number of the port monitored by the SSH server,
preferred encryption algorithm from the STelnet client to the SSH server, preferred
encryption algorithm from the SSH server to the STelnet client, preferred HMAC
algorithm from the STelnet client to the SSH server, preferred HMAC algorithm from
the SSH server to the STelnet client, preferred algorithm for key exchange, name of
the outgoing interface, and source address
5.4.2 Configuring the User Access Level and User Authentication
Mode of the VTY User Interface
By default, the user access level is 0. Before logging in to the device using STelnet for
maintenance and management, you must log in to the device through the console port to change
the user access level and user authentication mode.
Context
In general, the default values of other VTY user interface attributes do not need to be modified.
These attributes can be changed if necessary. For details, see Configuring the VTY User
Interface.
The sequence of the following steps is not fixed but all the configurations are mandatory.
Huawei AR1200 Series Enterprise Routers
Configuration Guide - Basic Configuration 5 Configuring User Login
Issue 04 (2012-05-15) Huawei Proprietary and Confidential
Copyright © Huawei Technologies Co., Ltd.
84
To Next Page
Loading...
