Protecting Management Access presentation

Slide 28

• AUX user interface
Manages and monitors users who log in through the console port (out-of-band management) on Comware switches. The type of the console port is EIA/TIA-232 DTE. The interface ID is aux0.
• CON user interface
Manages and monitors users who log in through the console port (out-of-band management) on Comware routers. The interface ID is con0.

Slide 29

• VTY (virtual terminal line) user interface
Manages and monitors users who log in through Telnet or SSH (in-band management). A Comware switch can support more than one such session, so it has multiple VTY interfaces. The interface IDs are vty 0, vty 1, and so on, to vty n (in which n is the number of sessions supported minus one). To find out the number of sessions supported on a particular switch, refer to the switch documentation. You can also enter the user-interface vty 0 ? command in the Comware CLI to find the range for VTY interface IDs.

The user interface (also called a line) allows you to manage and monitor terminal sessions between a management station and the switch. The Comware CLI has a view associated with each interface, which you access with this command: user-interface .

Slide 34

<Comware5> system-view
[Comware5] user-interface aux 0
[Comware5-ui-aux0] authentication-mode password
[Comware5-ui-aux0] set authentication password simple
[Comware5-ui-aux0] authorization attribute level 3

Slide 36

<Comware5> system-view
[Comware5] user-interface aux 0
[Comware5-ui-aux0] authentication-mode scheme
[Comware5-ui-aux0] command authorization
[Comware5-ui-aux0] command accounting
[Comware5-ui-aux0] quit


Slide 37

[Comware5-ui-aux0] authentication default local
[Comware5-ui-aux0] local-user
[Comware5-ui-aux0] quit
[Comware5-ui-aux0] password simple
[Comware5-ui-aux0] authorization attribute level 3
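An added example (not from the presentation): a small Python audit that reads Comware 5 style configuration text and flags user interfaces that do not use authentication-mode scheme, that use scheme without command authorization and command accounting, or that set a line password with the simple keyword. The sample configuration, its password value and the vty 0 4 range are constructed for illustration.

```python
# Constructed sample in the style of the slides' Comware 5 commands; the
# password value and the "vty 0 4" range are made up for illustration.
SAMPLE_CONFIG = """\
user-interface aux 0
 authentication-mode password
 set authentication password simple Example123
user-interface vty 0 4
 authentication-mode scheme
 command authorization
 command accounting
"""

def parse_user_interfaces(config):
    """Return {interface: [commands]} for each user-interface block."""
    blocks, current = {}, None
    for raw in config.splitlines():
        line = raw.strip()
        if not line:
            continue
        if raw[0].isspace():          # indented: belongs to the open block
            if current is not None:
                current.append(line)
        elif line.startswith("user-interface "):
            current = blocks.setdefault(line.split(None, 1)[1], [])
        else:
            current = None            # some other top-level section
    return blocks

def audit(config):
    """Return sorted (interface, finding) tuples for weak line settings."""
    findings = []
    for name, cmds in parse_user_interfaces(config).items():
        mode = next((c.split()[1] for c in cmds
                     if c.startswith("authentication-mode ")), None)
        if mode != "scheme":
            findings.append((name, f"authentication-mode is {mode or 'not set'}, "
                                   "not scheme (no per-user AAA login)"))
        else:
            for needed in ("command authorization", "command accounting"):
                if needed not in cmds:
                    findings.append((name, f"'{needed}' is not enabled"))
        if any(c.startswith("set authentication password simple") for c in cmds):
            findings.append((name, "line password set with the 'simple' keyword"))
    return sorted(findings)

if __name__ == "__main__":
    for iface, finding in audit(SAMPLE_CONFIG):
        print(f"{iface}: {finding}")
```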

Slide 52

If the super commands listed earlier were entered on the switch, you could use a super password - hp, in this example - to move to a different privilege level.

If you tried to move to system view, however, you would see the following message:
You cannot reach the system view and use configuration commands at this level.

Slide 53

In this example, you could use the super password (hp) to switch to privilege level 2:

With this privilege level, you could move to the system view.
As you see, you can now access all the system view commands. If you returned to the user view and attempted to view the file directory, however, you would find that you do not have rights to enter this command.
[Comware-1] quit
<Comware-1> dir
            ^
 % Unrecognized command found at '^' position.

Slide 54

In this example, you could then switch to level 3, using the super password, hp.

If you moved to system view, you would see that you have access to user view commands as well.

File name: Protecting-Management-Access.pptx