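Logging In to the Switch
1. Example 1
# Set the authentication mode of the Console port to local password authentication, with the cleartext password cdw.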
<Sysname> system-view
System View: return to User View with Ctrl+Z.
[Sysname] user-interface aux 0
[Sysname-ui-aux0] authentication-mode password
[Sysname-ui-aux0] set authentication password simple cdw
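After this configuration, a user who logs in to the switch through the Console port must enter the correct password to log in successfully.
2. Example 2
# Set the authentication mode for VTY users logging in through Telnet to scheme authentication.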
<Sysname> system-view
System View: return to User View with Ctrl+Z.
[Sysname] user-interface vty 0
[Sysname-ui-vty0] authentication-mode scheme
[Sysname-ui-vty0] quit
# Specify the system domain as the default domain, and set the scheme authentication method of that domain to local.
[Sysname] domain default enable system
[Sysname] domain system
[Sysname-isp-system] scheme local
# Set the user name and password for local authentication.
[Sysname] local-user guest
[Sysname-luser-guest] password simple 123456
[Sysname-luser-guest] service-type telnet level 2
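After this configuration, a user who logs in to the switch through user interface VTY0 must enter the configured user name and password to log in successfully.
# Configure the switch to execute the telnet 10.110.100.1 command automatically after a user logs in through VTY0.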
<Sysname> system-view
System View: return to User View with Ctrl+Z.
[Sysname] user-interface vty 0
[Sysname-ui-vty0] auto-execute command telnet 10.110.100.1
% This action will lead to configuration failure through ui-vty0. Are you sure?[Y/N]y
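After this configuration, when a user logs in to the device through user interface VTY0, the device automatically executes the configured command and then logs the current user out.
# Configure the terminal not to display the copyright notice when a user logs in.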
****************************************************************************
* Copyright (c) 2004-2008 Hangzhou H3C Tech. Co., Ltd. All rights reserved.*
* Without the owner's prior written consent, *
* no decompiling or reverse-engineering shall be allowed. *
****************************************************************************
<Sysname> system-view
System View: return to User View with Ctrl+Z.
[Sysname] undo copyright-info enable
# After the user logs in to the Ethernet switch again, the terminal no longer displays the copyright notice.
<Sysname>
# Set the data bits to 7.
<Sysname> system-view
System View: return to User View with Ctrl+Z.
[Sysname] user-interface aux 0
[Sysname-ui-aux0] databits 7
# Display the source IP address currently configured for the Telnet server.
<Sysname> display telnet-server source-ip
The source IP you specified is 192.168.1.1
# Display the source IP address currently configured for the Telnet client.
<Sysname> display telnet source-ip
The source IP you specified is 192.168.1.1
# Display information about user interface 0.
<Sysname> display user-interface 0
Idx Type Tx/Rx Modem Privi Auth Int
F 0 AUX 0 9600 - 3 N -
+ : Current user-interface is active.
F : Current user-interface is active and work in async mode.
Idx : Absolute index of user-interface.
Type : Type and relative index of user-interface.
Privi: The privilege of user-interface.
Auth : The authentication mode of user-interface.
Int : The physical location of UIs.
A : Authentication use AAA.
N : Current UI need not authentication.
P : Authentication use current UI's password.
S : Authentication use super password.
# Display summary information about the user interfaces.
<Sysname> display user-interface summary
User interface type : [AUX]
0:X
User interface type : [VTY]
1:UXXX X
1 character mode users. (U)
5 UI never used. (X)
1 total UI in use
# Display usage information about the current user interfaces.
<Sysname> display users
UI Delay Type Ipaddress Username Userlevel
+ 1 VTY 0 00:00:00 TEL 192.168.0.208 3
+ : Current operation user.
F : Current operation user work in async mode.
# Display information about the WEB users currently online.
<Sysname> display web users
ID Name Language Level Login Time Last Req. Time
00800003 admin English Management 06:16:32 06:18:35
# A user logged in to the switch through AUX 0, with user level 3 (manage-level user), releases user interface VTY0.
<Sysname> display users
UI Delay Type Ipaddress Username Userlevel
F 0 AUX 0 00:00:00 3
8 VTY 0 00:01:30 TEL 192.168.0.108 song 2
+ : Current operation user.
F : Current operation user work in async mode.
<Sysname> free user-interface vty 0
Are you sure you want to free user-interface vty0 [Y/N]? y
[OK]
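After this command is executed, the user connection on VTY0 is disconnected, and the user must log in again to connect to the switch.
# Configure the welcome messages displayed when entering user view.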
<Sysname> system-view
System View: return to User View with Ctrl+Z.
[Sysname] header login %Welcome to login!%
[Sysname] header shell %
Input banner text, and quit with the character '%'.
Welcome to shell!%
[Sysname] header incoming %
Input banner text, and quit with the character '%'.
Welcome to incoming!%
[Sysname] header legal %
Input banner text, and quit with the character '%'.
Welcome to legal!%
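# Log in to the device remotely through Telnet to test the settings above (the login welcome message is displayed only when login authentication is configured).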
**************************************************************************
* Copyright (c) 2004-2008 Hangzhou H3C Tech. Co., Ltd. All rights reserved.*
* Without the owner's prior written consent, *
* no decompiling or reverse-engineering shall be allowed. *
**************************************************************************
Welcome to legal!
Press Y or ENTER to continue, N to exit.
Welcome to login!
Login authentication
Password:
Welcome to shell!
<Sysname>
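# Set the size of the history command buffer for users logging in through user interface AUX0 to 20, that is, up to 20 history commands can be saved.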
<Sysname> system-view
System View: return to User View with Ctrl+Z.
[Sysname] user-interface aux 0
[Sysname-ui-aux0] history-command max-size 20
# Set the idle timeout for user interface AUX0 to 1 minute.
<Sysname> system-view
System View: return to User View with Ctrl+Z.
[Sysname] user-interface aux 0
[Sysname-ui-aux0] idle-timeout 1
# Shut down the WEB Server.
<Sysname> system-view
System View: return to User View with Ctrl+Z.
[Sysname] ip http shutdown
# Start the WEB Server.
[Sysname] undo ip http shutdown
# Lock the current user interface.
<Sysname> lock
After you press Enter, the system prompts you to enter and confirm a password; the password is hidden as you type.
Password:
Again:
locked !
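The user interface is now locked. Any further operation on the interface prompts the user for the password, and user view can be entered only after the correct password is supplied.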
Password:
<Sysname>
# Set the parity check mode of user interface AUX0 to even parity.
<Sysname> system-view
System View: return to User View with Ctrl+Z.
[Sysname] user-interface aux 0
[Sysname-ui-aux0] parity even
# Configure user interface VTY0 to support only the SSH protocol.
<Sysname> system-view
System View: return to User View with Ctrl+Z.
[Sysname] user-interface vty 0
[Sysname-ui-vty0] protocol inbound ssh
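The login settings shown on this page that weaken access control (passwords stored with `simple`, accounts with `service-type telnet`, VTY interfaces not limited by `protocol inbound ssh`) can be checked mechanically. The following Python auditor is an added example, not part of the original manual; the `audit` function, its finding labels and the sample session are constructed for illustration, and it assumes a VTY without `protocol inbound ssh` still accepts Telnet.

```python
import re

# Constructed sample: command lines in the prompt format used on this page.
SAMPLE_SESSION = """\
[Sysname] user-interface aux 0
[Sysname-ui-aux0] authentication-mode password
[Sysname-ui-aux0] set authentication password simple cdw
[Sysname] user-interface vty 0
[Sysname-ui-vty0] authentication-mode scheme
[Sysname] local-user guest
[Sysname-luser-guest] password simple 123456
[Sysname-luser-guest] service-type telnet level 2
[Sysname] user-interface vty 1
[Sysname-ui-vty1] authentication-mode scheme
[Sysname-ui-vty1] protocol inbound ssh
"""

PROMPT = re.compile(r"^\[(?P<view>[^\]]+)\]\s*(?P<cmd>\S.*)$")
VTY_VIEW = re.compile(r"-ui-(vty[\d-]+)$")


def audit(session: str) -> list[tuple[str, str]]:
    """Return (view, finding) pairs for weak login settings in a session log."""
    findings = []
    vty_ssh_only = {}  # VTY view name -> True once 'protocol inbound ssh' is seen
    for line in session.splitlines():
        m = PROMPT.match(line.strip())
        if not m:
            continue  # banners, device output, blank lines
        view, cmd = m["view"], m["cmd"].strip()
        words = cmd.split()
        # 'simple' stores the password in cleartext; never echo the value itself.
        if "password" in words and "simple" in words:
            findings.append((view, "cleartext password"))
        if words[:2] == ["service-type", "telnet"]:
            findings.append((view, "account allowed over Telnet"))
        vty = VTY_VIEW.search(view)
        if vty:
            name = vty.group(1)
            vty_ssh_only.setdefault(name, False)
            if words == ["protocol", "inbound", "ssh"]:
                vty_ssh_only[name] = True
    # Assumption: a VTY with no 'protocol inbound ssh' still accepts Telnet.
    for name, ssh_only in vty_ssh_only.items():
        if not ssh_only:
            findings.append((name, "VTY not restricted to SSH"))
    return findings
```

Calling `audit(SAMPLE_SESSION)` reports the two cleartext passwords, the Telnet-enabled guest account and VTY0, while VTY1 passes because it is limited to SSH.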
# Set the number of lines per screen on the terminal to 20.
<Sysname> system-view
System View: return to User View with Ctrl+Z.
[Sysname] user-interface aux 0
[Sysname-ui-aux0] screen-length 20
<Sysname> send all
Enter message, end with CTRL+Z or Enter; abort with CTRL+C:
hello^Z
Send message? [Y/N]y
The current user interface receives the following message:
<Sysname>
***
***
***Message from vty1 to vty1
***
hello
# Allow the user named zbr to access level 0 commands after logging in.
<Sysname> system-view
System View: return to User View with Ctrl+Z.
[Sysname] local-user zbr
[Sysname-luser-zbr] service-type telnet level 0
# Log out, then log in again as user zbr; the terminal lists only level 0 commands.
<Sysname> ?
User view commands:
cluster Run cluster command
display Display current system information
nslookup Query Internet name servers
ping Ping function
quit Exit from current command view
super Set the current user priority level
telnet Establish one TELNET connection
tracert Trace route function
undo Cancel current setting
# Set the cleartext local authentication password of VTY0 to 123.
<Sysname> system-view
System View: return to User View with Ctrl+Z.
[Sysname] user-interface vty 0
[Sysname-ui-vty0] set authentication password simple 123
# Log in to the Ethernet switch through the AUX user interface and disable terminal services on user interfaces VTY0 through VTY4.
<Sysname> system-view
System View: return to User View with Ctrl+Z.
[Sysname] user-interface vty 0 4
[Sysname-ui-vty0-4] undo shell
% Disable ui-vty0-4 , are you sure ? [Y/N]y
# Set the transmission rate of user interface AUX 0 to 115200 bit/s.
<Sysname> system-view
System View: return to User View with Ctrl+Z.
[Sysname] user-interface aux 0
[Sysname-ui-aux0] speed 115200
# Set the stop bits of user interface AUX 0 to 2.
<Sysname> system-view
System View: return to User View with Ctrl+Z.
[Sysname] user-interface aux 0
[Sysname-ui-aux0] stopbits 2
# Log in from the current Ethernet switch, Switch A, to another Ethernet switch, Switch B (IP address 129.102.0.1).
<SwitchA> telnet 129.102.0.1
Trying 129.102.0.1 ...
Press CTRL+K to abort
Connected to 129.102.0.1 ...
**************************************************************************
* Copyright(c) 2004-2008 Hangzhou H3C Tech. Co., Ltd. All rights reserved. *
* Without the owner's prior written consent, *
* no decompiling or reverse-engineering shall be allowed. *
**************************************************************************
<SwitchB>
# Connect to the remote Telnet server whose IPv6 address is 3001::1.
<Sysname> telnet ipv6 3001::1
Trying 3001::1 ...
Press CTRL+K to abort
Connected to 3001::1 ...
**************************************************************************
* Copyright (c) 2004-2008 Hangzhou H3C Tech. Co., Ltd. All rights reserved.*
* Without the owner's prior written consent, *
* no decompiling or reverse-engineering shall be allowed. *
**************************************************************************
<Sysname>
# Specify Vlan-interface 2 as the source interface for the Telnet client.
<Sysname> system-view
System View: return to User View with Ctrl+Z.
[Sysname] telnet source-interface Vlan-interface 2
# Specify 192.168.1.1 as the source IP address for the Telnet client.
<Sysname> system-view
System View: return to User View with Ctrl+Z.
[Sysname] telnet source-ip 192.168.1.1
# Specify Vlan-interface 2 as the source interface for the Telnet server.
<Sysname> system-view
System View: return to User View with Ctrl+Z.
[Sysname] telnet-server source-interface Vlan-interface 2
# Specify 192.168.1.1 as the source IP address for the Telnet server.
<Sysname> system-view
System View: return to User View with Ctrl+Z.
[Sysname] telnet-server source-ip 192.168.1.1
# Enter the VTY0 user interface view to configure it.
<Sysname> system-view
System View: return to User View with Ctrl+Z.
[Sysname] user-interface vty 0
[Sysname-ui-vty0]
# Set the command level accessible after login through user interface VTY0 to 1.
<Sysname> system-view
System View: return to User View with Ctrl+Z.
[Sysname] user-interface vty 0
[Sysname-ui-vty0] user privilege level 1
# After a user logs in to the switch through Telnet on user interface VTY0, the terminal displays only level 1 commands.
<Sysname> ?
User view commands:
cluster Run cluster command
debugging Enable system debugging functions
display Display current system information
msdp-tracert MSDP trace route to source RP
mtracert Trace route to multicast source
nslookup Query Internet name servers
ping Ping function
quit Exit from current command view
reset Reset operation
send Send information to other user terminal interfaces
super Set the current user priority level
telnet Establish one TELNET connection
terminal Set the terminal line characteristics
tracert Trace route function
undo Cancel current setting