HP A3100-16 v2 EI, A3100-16 v2 SI, A3100-16-PoE v2 EI, A3100-24 v2 EI, A3100-24-PoE v2 EI, A3100-8 DC EI, A3100-8 v2 SI, A3100-8-PoE v2 EI, JD311B, JD312B, JD313B, JD318B, JD320B, JG221A, JG222A, JG223A 57

To do…

Use the command…

Remarks

	Enter the default
	ISP domain	domain domain-name
	view

	Apply the	authentication default
	Apply the	{ hwtacacs-scheme
	specified AAA	{ hwtacacs-scheme
	specified AAA	hwtacacs-scheme-name [ local ]
	scheme to the	hwtacacs-scheme-name [ local ]
	scheme to the	local none radius-scheme
Configure the	domain	local none radius-scheme
	domain	radius-scheme-name [ local ] }
		radius-scheme-name [ local ] }
authentication
authentication
mode
	Exit to system	quit
	view	quit
	view

Optional

By default, the AAA scheme is local.

If you specify the local AAA scheme, perform the configuration concerning local user as well. If you specify an existing scheme by providing the radius-scheme-nameargument, perform the following configuration as well:

•For RADIUS and HWTACACS configuration, see the Security Configuration Guide.

•Configure the username and password on the AAA server. (For more information, see the Security Configuration Guide.)

Create a local user and enter local	local-user user-name	Required
user view	local-user user-name	By default, no local user exists.
user view		By default, no local user exists.

	password { cipher simple }	Required
Set the local password	password { cipher simple }	By default, no local password is
Set the local password	password	By default, no local password is
	password	set.
		set.

Specify the command level of the	authorization-attribute level level	Optional
local user	authorization-attribute level level	By default, the command level is 0.
local user		By default, the command level is 0.

Specify the service type for the		Required
Specify the service type for the	service-type ssh	By default, no service type is
local user	service-type ssh	By default, no service type is
local user		specified.
		specified.

Return to system view	quit	—

	ssh user username service-type	Required
Create an SSH user, and specify	stelnet authentication-type	Required
Create an SSH user, and specify	stelnet authentication-type	By default, no SSH user exists, and
the authentication mode for the	{ password { any	By default, no SSH user exists, and
the authentication mode for the	{ password { any	no authentication mode is
SSH user	password-publickey publickey }	no authentication mode is
SSH user	password-publickey publickey }	specified.
	assign publickey keyname }	specified.
	assign publickey keyname }

Configure common settings for VTY		Optional
Configure common settings for VTY	—	See “Configuring common settings
user interfaces	—	See “Configuring common settings
user interfaces		for VTY user interfaces (optional).”
		for VTY user interfaces (optional).”

NOTE:

This chapter describes how to configure an SSH client by using password authentication. For more information about SSH and how to configure an SSH client by using publickey, see the Security Configuration Guide.

After you enable command authorization or command accounting, you need to perform the following configuration to make the function take effect:

•Create a HWTACACS scheme, and specify the IP address of the authorization server and other authorization parameters.

HP manual 57

Models: A3100-16 v2 EI A3100-16 v2 SI A3100-16-PoE v2 EI A3100-24 v2 EI A3100-24-PoE v2 EI A3100-8 DC EI A3100-8 v2 SI A3100-8-PoE v2 EI JD311B JD312B JD313B JD318B JD320B JG221A JG222A JG223A