Passwords used to secure access

When TFTP is disabled, you are prohibited from using the copy tftp command to copy files to the system flash. If you enter this command while TFTP is disabled, the system will reject the command and display an error message.

To re-enable TFTP client access once it is disabled, enter the following command.

Brocade(config)# no tftp disable

Syntax: [no] tftp disable

Passwords used to secure access

Passwords can be used to secure the following access methods:

Telnet access can be secured by setting a Telnet password. Refer to “Setting a Telnet password” on page 13.

Access to the Privileged EXEC and CONFIG levels of the CLI can be secured by setting passwords for management privilege levels. Refer to “Setting passwords for management privilege levels” on page 14.

This section also provides procedures for enhancing management privilege levels, recovering from a lost password, and disabling password encryption.

NOTE

You also can configure up to 16 user accounts consisting of a user name and password, and assign each user account a management privilege level. Refer to “Local user accounts” on page 17.

Setting a Telnet password

By default, the device does not require a user name or password when you log in to the CLI using Telnet. You can assign a password for Telnet access using one of the following methods.

Set the password “letmein” for Telnet access to the CLI using the following command at the global CONFIG level.

Brocade(config)# enable telnet password letmein

Syntax: [no] enable telnet password string

Suppressing Telnet connection rejection messages

By default, if a Brocade device denies Telnet management access to the device, the software sends a message to the denied Telnet client. You can optionally suppress the rejection message. When you enable the option, a denied Telnet client does not receive a message from the Brocade device. Instead, the denied client simply does not gain access.

To suppress the connection rejection message, use the following CLI method.

To suppress the connection rejection message sent by the device to a denied Telnet client, enter the following command at the global CONFIG level of the CLI.

Brocade(config)# telnet server suppress-reject-message

Brocade ICX 6650 Security Configuration Guide

13

53-1002601-01

 

Page 33
Image 33
Brocade Communications Systems 6650 Passwords used to secure access, Setting a Telnet password, Syntax no tftp disable