3-4
To improve security and prevent attacks to the unused Sockets, TCP 23 and TCP 22, ports for Telnet
and SSH services respectively, will be enabled or disabled after corresponding configurations.
z If the authentication mode is none, TCP 23 will be enabled, and TCP 22 will be disabled.
z If the authentication mode is password, and the corresponding password has been set, TCP 23
will be enabled, and TCP 22 will be disabled.
z If the authentication mode is scheme, there are three scenarios: when the supported protocol is
specified as telnet, TCP 23 will be enabled; when the supported protocol is specified as ssh, TCP
22 will be enabled; when the supported protocol is specified as all, both the TCP 23 and TCP 22
port will be enabled.
Telnet Configuration with Authentication Mode Being None
Configuration Procedure
Follow these steps to configure Telnet with the authentication mode being none:
To do… Use the command… Remarks
Enter system view system-view
Enter one or more VTY user
interface views
user-interface vty
first-number [ last-number ]
Configure not to authenticate
users logging in to VTY user
interfaces
authentication-mode none
Required
By default, VTY users are
authenticated after logging in.
Note that if you configure not to authenticate the users, the command level available to users logging in
to a switch depends on the user privilege level level command
Configuration Example
Network requirements
Assume current user logins through the console port, and the current user level is set to the
administrator level (level 3). Perform the following configurations for users logging in through VTY 0
using Telnet.
z Do not authenticate the users.
z Commands of level 2 are available to the users.
z Telnet protocol is supported.
z The screen can contain up to 30 lines.
z The history command buffer can contain up to 20 commands.
z The timeout time of VTY 0 is 6 minutes.