#Display the commands a Telnet user can use after login. Because the user privilege level is 1, a Telnet user can use more commands now.

<Sysname> ?

User view commands:

debugging

Enable system debugging functions

dialer

Dialer disconnect

display

Display current system information

ping

Ping function

quit

Exit from current command view

refresh

Do soft reset

reset

Reset operation

rsh

Establish one RSH connection

screen-length

Specify the lines displayed on one screen

send

Send information to other user terminal interface

ssh2

Establish a secure shell client connection

super

Set the current user priority level

telnet

Establish one TELNET connection

terminal

Set the terminal line characteristics

tftp

Open TFTP connection

tracert

Trace route function

undo

Cancel current setting

#Configure the device to perform password authentication for Telnet users, and to authorize authenticated Telnet users to use the commands of privilege levels 0, 1, and 2.

<Sysname> system-view

[Sysname] user-interface vty 0 4 [Sysname-ui-vty1] authentication-mode password [Sysname-ui-vty0-4] set authentication password simple 123

[Sysname-ui-vty0-4] user privilege level 2

After the configuration is complete, when users Telnet to the device, they must enter the password 12345678. After passing authentication, they can use commands of levels 0, 1, and 2.

Switching the user privilege level

Users can switch to a different user privilege level without logging out and terminating the current connection. After the privilege level switching, users can continue to manage the device without relogging in, but the commands they can execute have changed. For example, with the user privilege level 3, a user can configure system parameters. After switching to user privilege level 0, the user can execute only basic commands like ping and tracert and use a few display commands. The switching operation is effective for the current login. After the user relogs in, the user privilege restores to the original level.

To avoid problems, HP recommends that administrators log in with a lower privilege level to view switch operating parameters, and switch to a higher level temporarily only when they must maintain the device.

When administrators must leave for a while or ask someone else to manage the device temporarily, they can switch to a lower privilege level before they leave to restrict the operation by others.

136

Page 142
Image 142
HP 200 Unified Threat Management (UTM) Appliance manual Switching the user privilege level