Scribd Logo
Upload

Welcome to Scribd!

  • 01-02 Login Password Management

    Uploaded by

    naleonce02
    6 views5 pages

    Copyright

    © © All Rights Reserved

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    6 views5 pages

    01-02 Login Password Management

    Uploaded by

    naleonce02

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 5

    S300, S500, S2700, S5700, and S6700 Series

    Ethernet Switches
    Configuration Guide - Basic Configuration 2 Login Password Management

    2 Login Password Management

    This section describes how to configure login passwords based on modular and
    fixed switches of multiple versions.
    2.1 What Is the Default Login Password?
    2.2 Restoring the Password for Console Port Login
    2.3 Restoring the Password for Telnet Login
    2.4 Restoring the BootLoad Password
    2.5 Restoring the Password for Web Login

    2.1 What Is the Default Login Password?


    The default username and password are available in S Series Switches Default
    Usernames and Passwords (Enterprise Network or Carrier). If you have not
    obtained the access permission of the document, see Help on the website to find
    out how to obtain it.

    NOTE

    For device security purposes, change the password periodically.

    2.2 Restoring the Password for Console Port Login


    If you forget the password for logging in through the console port or you want to
    change the password, use either of the following two methods to set a new
    password.

    Logging In to the Switch Through STelnet or Telnet to Set a New Password

    NOTICE

    Telnet may bring security risks. You are advised to log in to the switch through
    STelnet V2.

    Issue 03 (2022-06-27) Copyright © Huawei Technologies Co., Ltd. 23


    S300, S500, S2700, S5700, and S6700 Series
    Ethernet Switches
    Configuration Guide - Basic Configuration 2 Login Password Management

    Ensure that you have an STelnet/Telnet account and administrator rights. The
    following uses the command lines and outputs of logging in to the device using
    STelnet as an example. After logging in to the switch through STelnet, perform the
    following configuration.
    # Take password authentication as an example. Set the password to
    Example@123.
    <HUAWEI> system-view
    [HUAWEI] user-interface console 0
    [HUAWEI-ui-console0] authentication-mode password
    [HUAWEI-ui-console0] set authentication password cipher Example@123
    [HUAWEI-ui-console0] return
    <HUAWEI> save

    # Take AAA authentication as an example. Set the user name and password to
    admin123 and Example@123 respectively.
    <HUAWEI> system-view
    [HUAWEI] user-interface console 0
    [HUAWEI-ui-console0] authentication-mode aaa
    [HUAWEI-ui-console0] quit
    [HUAWEI] aaa
    [HUAWEI-aaa] local-user admin123 password irreversible-cipher Example@123
    [HUAWEI-aaa] local-user admin123 service-type terminal
    [HUAWEI-aaa] return
    <HUAWEI> save

    Clearing the Lost Password Through the BootLoad Menu


    NOTE

    If multiple switches are stacked, power off the member switches. After completing the
    following operations on the master switch, run the save command to ensure that the
    configurations on the master switch can be synchronized after other member switches are
    started.

    You can use the BootLoad menu of the switch to clear the lost password for
    console port login. After starting the switch, set a new password and save your
    configuration. Perform the following steps.
    1. Connect the terminal to the console port of the switch and restart the switch.
    When the following message is displayed, press Ctrl+B or Ctrl+E immediately
    and enter the BootLoad password to access the BootLoad menu.
    Press Ctrl+B or Ctrl+E to enter BootLoad menu ... 2
    password: //Enter the BootLoad password.

    NOTE

    Some switch models allow you to enter the BootLoad menu by pressing Ctrl+E. Perform
    operations as prompted on the screen.
    The command outputs of different versions on different devices may be different.
    Therefore, the command outputs on your device may be different from that provided in
    this example.
    The default username and password are available in S Series Switches Default Usernames
    and Passwords (Enterprise Network or Carrier). If you have not obtained the access
    permission of the document, see Help on the website to find out how to obtain it.
    2. Select Clear password for console user on the BootLoad menu to clear the
    password for console port login.
    3. Select Boot with default mode on the BootLoad menu to start the switch as
    prompted.

    Issue 03 (2022-06-27) Copyright © Huawei Technologies Co., Ltd. 24


    S300, S500, S2700, S5700, and S6700 Series
    Ethernet Switches
    Configuration Guide - Basic Configuration 2 Login Password Management

    NOTE

    Do not select Reboot; otherwise, the password cannot be cleared.


    4. After the switch is started, log in through the console port. Authentication is
    not required when you log in. Set a password as prompted after login. (In
    V200R009 and later versions, the authentication mode for console port login
    is non-authentication after the device starts, and the system does not ask you
    to configure an authentication password.)
    5. You can set an authentication mode and password for the console user
    interface according to service requirements.

    Related Content
    Videos
    Recover the Console Port Login Password.

    2.3 Restoring the Password for Telnet Login


    If you forget or want to change the Telnet login password, log in to the switch
    through the console port and set a new password for Telnet login.

    NOTE

    The following uses the command lines of the S7700 in V200R008C00 as an example.

    # Log in to the device through the console port.


    1. Connect the DB9 female connector of the console cable to the serial port
    (COM) on the PC, and connect the RJ45 connector to the console port on the
    device.
    2. Start the terminal emulation software on the PC. Create a connection, select
    the connected port, and set communication parameters.
    – Baud rate: 9600
    – Data bits: 8
    – Stop bits: 1
    – Parity: None
    – Flow control: None
    3. Click Connect. Enter or configure the login password as prompted to log in to
    the switch.
    # Take password authentication for VTY0 login as an example. Set the password
    to Example@123.
    <HUAWEI> system-view
    [HUAWEI] user-interface vty 0
    [HUAWEI-ui-vty0] protocol inbound telnet //By default, switches running V200R006 and earlier versions
    use Telnet and do not need to have this command configured; switches running V200R007 and later
    versions use SSH and need to have this command configured.
    [HUAWEI-ui-vty0] authentication-mode password
    [HUAWEI-ui-vty0] set authentication password cipher Example@123
    [HUAWEI-ui-vty0] user privilege level 15
    [HUAWEI-ui-vty0] return
    <HUAWEI> save

    Issue 03 (2022-06-27) Copyright © Huawei Technologies Co., Ltd. 25


    S300, S500, S2700, S5700, and S6700 Series
    Ethernet Switches
    Configuration Guide - Basic Configuration 2 Login Password Management

    # Take AAA authentication for VTY0 login as an example. Set the user name and
    password to admin123 and Example@123 respectively.
    <HUAWEI> system-view
    [HUAWEI] user-interface vty 0
    [HUAWEI-ui-vty0] protocol inbound telnet //By default, switches running V200R006 and earlier versions
    use Telnet and do not need to have this command configured; switches running V200R007 and later
    versions use SSH and need to have this command configured.
    [HUAWEI-ui-vty0] authentication-mode aaa
    [HUAWEI-ui-vty0] quit
    [HUAWEI] aaa
    [HUAWEI-aaa] local-user admin123 password irreversible-cipher Example@123
    [HUAWEI-aaa] local-user admin123 service-type telnet
    [HUAWEI-aaa] local-user admin123 privilege level 15
    Warning: This operation may affect online users, are you sure to change the user privilege level ?[Y/N]y
    [HUAWEI-aaa] return
    <HUAWEI> save

    2.4 Restoring the BootLoad Password


    If you forget the BootLoad password or want to change the password, use either
    of the following two methods to reset or set a new BootLoad password:

    Log In to the Switch Through the Console Port, Telnet, or STelnet to Reset
    the BootLoad Password
    # Log in to the switch and restore the default BootLoad password.
    <HUAWEI> reset boot password
    The password used to enter the boot menu by clicking Ctrl+B will be restored to the default password,
    continue? [Y/N] y

    The default username and password are available in S Series Switches Default
    Usernames and Passwords (Enterprise Network or Carrier). If you have not
    obtained the access permission of the document, see Help on the website to find
    out how to obtain it.

    Changing the BootLoad Password Through the BootLoad Menu


    NOTE

    This method can be used only when the BootLoad password is known.
    If the switch has two MPUs, remove the standby MPU before performing the following
    operations. After performing the following operations, install the standby MPU and run the
    save command to ensure the consistent configuration on the active and standby MPUs.
    If multiple switches are stacked, power off the member switches. After completing the
    following operations on the master switch, run the save command to ensure that the
    configurations on the master switch can be synchronized after other member switches are
    started.

    You can use the BootLoad menu of the switch to reset the BootLoad password.
    When starting the switch, set a new password and save your configuration.
    Perform the following operations.

    1. Connect the terminal to the console port of the switch and restart the switch.
    When the following message is displayed, press Ctrl+B or Ctrl+E immediately
    and enter the BootLoad password to access the BootLoad menu.

    Issue 03 (2022-06-27) Copyright © Huawei Technologies Co., Ltd. 26


    S300, S500, S2700, S5700, and S6700 Series
    Ethernet Switches
    Configuration Guide - Basic Configuration 2 Login Password Management

    Press Ctrl+B or Ctrl+E to enter BootLoad menu ... 2


    password: //Enter the BootLoad password.

    NOTE

    The display on different devices in different versions may be different. Therefore, the
    display on your device may be different from that provided in this example.
    2. On the BootLoad menu, choose Enter password submenu. The password
    submenu is displayed.
    3. To change the BootLoad password, choose Reset bootload password or
    Modify bootload password from the password submenu as prompted.

    2.5 Restoring the Password for Web Login


    If you forget or want to change the web login password, log in to the switch
    through the console port, Telnet, or STelnet, and set a new password for web
    login.

    NOTICE

    Telnet may bring security risks. You are advised to log in to the switch through the
    console port or STelnet V2.

    # Set the user name and password to admin123 and Example@123 respectively.
    <HUAWEI> system-view
    [HUAWEI] aaa
    [HUAWEI-aaa] local-user admin123 password irreversible-cipher Example@123
    [HUAWEI-aaa] local-user admin123 service-type http
    [HUAWEI-aaa] local-user admin123 privilege level 15
    Warning: This operation may affect online users, are you sure to change the user privilege level ?[Y/N]y
    [HUAWEI-aaa] return
    <HUAWEI> save

    Issue 03 (2022-06-27) Copyright © Huawei Technologies Co., Ltd. 27

    You might also like