-
在用户视图下执行命令install feature-software WEAKEA安装弱安全算法/协议特性包(WEAKEA)。
-
配置Telnet服务器的管理网口IP地址。
<HUAWEI> system-view [HUAWEI] sysname Telnet Server [Telnet Server] interface meth 0/0/0 [Telnet Server-MEth0/0/0] ip address 10.137.217.177 255.255.255.0 [Telnet Server-MEth0/0/0] quit
-
配置服务器的端口号以及使能服务器功能。
[Telnet Server] telnet server enable [Telnet Server] telnet server port 1025 [Telnet Server] telnet server-source all-interface
-
配置VTY用户界面的相关参数。
配置VTY用户界面的最大个数。
[Telnet Server] user-interface maximum-vty 8
配置允许用户登录设备的主机地址。
[Telnet Server] acl 2001 [Telnet Server-acl4-basic-2001] rule permit source 10.137.217.10 0 [Telnet Server-acl4-basic-2001] rule deny source 10.137.217.20 0 [Telnet Server-acl4-basic-2001] quit [Telnet Server] user-interface vty 0 7 [Telnet Server-ui-vty0-7] acl 2001 inbound
配置VTY用户界面的终端属性。
[Telnet Server-ui-vty0-7] shell [Telnet Server-ui-vty0-7] idle-timeout 20 [Telnet Server-ui-vty0-7] screen-length 30 [Telnet Server-ui-vty0-7] history-command max-size 20 [Telnet Server-ui-vty0-7] protocol inbound telnet
配置VTY用户界面的用户验证方式。
[Telnet Server-ui-vty0-7] authentication-mode aaa [Telnet Server-ui-vty0-7] quit
-
配置登录用户的相关信息。
配置登录验证方式。
[Telnet Server] aaa [Telnet Server-aaa] local-user admin1234 password Please configure the login password (8-128) It is recommended that the password consist of at least 2 types of characters, including lowercase letters, uppercase letters, numerals and special characters. Please enter password: Please confirm password: Info: Add a new user. [Telnet Server-aaa] local-user admin1234 service-type telnet [Telnet Server-aaa] local-user admin1234 privilege level 3 [Telnet Server-aaa] quit
检查配置结果
进入PC1的Windows的命令行提示符,执行相关命令,通过Telnet方式登录设备。
C:\Documents and Settings\Administrator> telnet 10.137.217.177 1025
输入Enter键后,在登录窗口输入AAA验证方式配置的登录用户名和密码,验证通过后,出现用户视图的命令行提示符,至此用户成功登录设备。
Username:admin1234
Password:
Info: The max number of VTY users is 8, the number of current VTY users online is 1, and total number of terminal users online is 1.
<Telnet Server>
配置脚本
#
sysname Telnet Server
#
telnet server enable
telnet server-source all-interface
telnet server port 1025
#
acl number 2001
rule 5 permit source 10.137.217.10 0
rule 10 deny source 10.137.217.20 0
#
aaa
local-user admin1234 password irreversible-cipher $1d$g8wLJ`LjL!$CyE(V{3qg5DdU:PM[6=6O$UF-.fQ,Q}>^)OBzgoU$
local-user admin1234 service-type telnet
local-user admin1234 privilege level 3
#
interface MEth0/0/0
ip address 10.137.217.177 255.255.255.0
#
user-interface maximum-vty 8
#
user-interface vty 0 7
acl 2001 inbound
authentication-mode aaa
protocol inbound telnet
history-command max-size 20
idle-timeout 20 0
screen-length 30
#
return