NOTE:
For more information about password control attribute commands, see the chapter “Password control
configuration.”
On a device supporting the password control feature, local user passwords are not displayed, and the local-user
password-display-mode command is not effective.
With the local-user password-display-mode cipher-force command configured, a local user password is
always displayed in cipher text, regardless of the configuration of the password command. In this case, if you
use the save command to save the configuration, all existing local user passwords will still be displayed in cipher
text after the device restarts, even if you restore the display mode to auto.
The access-limit command configured for a local user takes effect only when local accounting is configured.
If the user interface authentication mode (set by the authentication-mode command in user interface view) is
AAA (scheme), which commands a login user can use after login depends on the privilege level authorized to
the user. If the user interface authentication mode is password (password) or no authentication (none), which
commands a login user can use after login depends on the level configured for the user interface (set by the user
privilege level command in user interface view). For an SSH user using public key authentication, which
commands are available depends on the level configured for the user interface. For more information about user
interface authentication mode and user interface command level, see the
Fundamentals Configuration Guide.
Be cautious when deciding which binding attributes should be configured for a local user. Binding attributes are
checked upon local authentication of a user. If the checking fails, the user fails the authentication.
Every configurable authorization attribute has its definite application environments and purposes. When
configuring authorization attributes for a local user, consider what attributes are needed.
To Next Page
Loading...
Need help?
General