HP 6125G HP 6125G & 6125G/XG Blade Switches Fundamentals Configuration - Page 48

Step Command Remarks 8. Enable command accounting. command accounting 9. Exit to system view. quit Optional. By default, command accounting is disabled. The accounting server does not record the commands executed by users. Command accounting allows the HWTACACS server to record all executed commands that are supported by the device, regardless of the command execution result. This function helps control and monitor user behaviors on the device. If command accounting is enabled and command authorization is not enabled, every executed command is recorded on the HWTACACS server. If both command accounting and command authorization are enabled, only the authorized and executed commands are recorded on the HWTACACS server. N/A 10. Apply an AAA authentication scheme to the intended domain. 11. Create a local user and enter local user view. a. Enter the ISP domain view: domain domain-name b. Apply the specified AAA scheme to the domain: authentication default { hwtacacs-scheme hwtacacs-scheme-name [ local ] | local | none | radius-scheme radius-scheme-name [ local ] } c. Exit to system view: quit local-user user-name Optional. For local authentication, configure local user accounts. For RADIUS or HWTACACS authentication, configure the RADIUS or HWTACACS scheme on the device and configure authentication settings (including the username and password) on the server. For more information about AAA configuration, see Security Configuration Guide. By default, no local user exists. 12. Set a password for the local user. password { cipher | simple } password By default, no password is set. 13. Specify the command level of the user. authorization-attribute level level 14. Specify SSH service for the user. 15. Exit to system view. service-type ssh quit Optional. By default, the command level is 0. By default, no service type is specified. N/A 42