HPE Community
Comware Based
1827367 Members
5937 Online
109963 Solutions
New Discussion

vty access level 3 on HP A3600v2

 
SebOOl84
New Member

‎07-08-2014 01:21 AM

‎07-08-2014 01:21 AM

vty access level 3 on HP A3600v2

Hi all
I have a network that is based on HP A serires switches. I have installed 4 new ones A3600v2 and I have a problem with SSH access privilage level. On A3600v1 and A5500 models i used to use this configuration: 

user-interface vty 0 15
 authentication-mode scheme
 user privilege level 3
 protocol inbound ssh

The above config gived me full access to the switch CLI. On the v2 series it doesn't. I have to use super command to get full CLI access. Can someone tell how to get it work on v2 switches ?

0 Kudos
1 REPLY 1
Apachez-
Trusted Contributor

‎07-10-2014 12:50 PM

‎07-10-2014 12:50 PM

Re: vty access level 3 on HP A3600v2

How does the rest of the config look like?

 

In order to use "super" you need to have a super password set, similar to:

 

super password level 3 cipher <REMOVED>

 

Note however if you dont have a super password set and you dont have a user with level 3 permissions you wont be able to alter the configuration afterwards.

 

You can verify which permission a local user might have by looking at the configuration, this is a level 1 user named "admin":

 

local-user admin

 password cipher <REMOVED>

 authorization-attribute level 1

 service-type ssh terminal

 

Changing the above into level 3 should mean that you wont have to issue the super password.

 

In your case I think it defaults to the local user database since you have setup:

 

authentication-mode scheme

 

instead of:

 

authentication-mode password

 

That is something like this should give you super privileges without the need of issue a manual "super" (and without looking in the internal user database):

 

user-interface aux 0
 authentication-mode password
 user privilege level 3
 set authentication password cipher <REMOVED>

0 Kudos
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.