Configuring Login Through the Console or Mini USB Port

Local login through the console or mini USB port is of high rights. If you cannot log in to a switch remotely, connect a PC to the console or mini USB port of the switch for local login.

Only the S5720-HI and S5720-EI (excluding S5720-50X-EI-AC, S5720-50X-EI-DC, S5720-50X-EI-46S-DC, and S5720-50X-EI-46S-AC) support first login through the mini USB port.

The device connection method for mini USB port login is different from that for console port login but the communication parameters during login and configurations after login are the same. The console port login is described as an example.

Common Configurations for Login Through the Console Port

By default, you can directly log in to a switch using the user name for the first login and the changed password without any extra configuration. To add a console user or change user information, perform the following steps:

Set an authentication mode for accessing the console user interface.
Configure authentication information and a user level for the console user interface.

Procedure

Set an authentication mode for accessing the console user interface.
- Set the authentication mode for the console user interface to AAA:
  
  To use AAA authentication, you need to configure the authentication information, access type, and user level for the AAA user.
```
<HUAWEI> system-view
[HUAWEI] user-interface console 0    //Enter the console user interface.
[HUAWEI-console0] authentication-mode aaa    //Set the authentication mode to AAA authentication. By default, AAA authentication is used.
[HUAWEI-console0] quit
```
- Set the authentication mode for the console user interface to password:
  
  To use password authentication, you need to configure the level and login password of the VTY user interface.
```
<HUAWEI> system-view
[HUAWEI] user-interface console 0    //Enter the console user interface.
[HUAWEI-console0] authentication-mode password    //Set the authentication mode for accessing the console user interface to password authentication.
```
- If none authentication is used, any user can be successfully authenticated without entering the user name and password. In actual scenarios, AAA authentication is more secure and is therefore recommended.
- If you configure the console user interface after login through the console port, the configuration takes effect at your next login.
- For device security purposes, change the password periodically.

Configure authentication information and a user level for the console user interface.

Set the authentication mode for the console user to AAA:

To use AAA authentication, you need to configure the authentication information, access type, and user level for the AAA user.

[HUAWEI] aaa
[HUAWEI-aaa] local-user admin123 password irreversible-cipher abcd@123    //Create a local user admin123 and set the password to abcd@123.
[HUAWEI-aaa] local-user admin123 privilege level 15    //Set the level of the local user admin123 to 15.
Warning: This operation may affect online users, are you sure to change the user privilege level ?[Y/N]y
[HUAWEI-aaa] local-user admin123 service-type terminal    //Set the access type of the local user admin123 to terminal user, namely, console user.

Set the authentication mode for the console user to password:

To use password authentication, you need to configure the level and login password of the VTY user interface.

[HUAWEI-console0] authentication-mode password    //Set the authentication mode for accessing the console user interface to password authentication.
[HUAWEI-console0] set authentication password cipher abcd@123    //Set the login password to abcd@123. By default, users who log in to a device using the console interface are at level 15.

Connect to the switch through the console port, press Enter, and enter the user name and password configured for AAA authentication in the login window, to log in to the switch. (In this example, the user name is admin123 and the password is abcd@123.)
```
Login authentication


Username:admin123 
Password: 
<HUAWEI>         
```

Verifying the Configuration

Run the display users [ all ] command to check user login information on the user interface.
Run the display user-interface console 0 command to check user interface information.
Run the display local-user command to check the local user attributes.
Run the display access-user command to check information about online users.

Related Commands

For detailed command description, see Command Reference.

**Table 1** Common commands
Function	Command	Description
Set an authentication mode for accessing a console user interface.	authentication-mode { aaa \| password \| none }	By default, AAA authentication is used. If AAA authentication is selected, you need to configure information about the local AAA user as follows: Run the local-user user-name { password { cipher \| irreversible-cipher } password command to create a local user and set a password for the user. Run the local-user user-name { privilege level level } command to set the level of the local user. Run the local-user user-name service-type { http \| ssh \| telnet \| terminal } ^* command to set the access type of the local user.
Configure the login password for accessing a console user interface.	set authentication password [ cipher password ]	If password authentication is selected, you need to use this command to set the authentication password.
Set the level of users who are allowed to access a console user interface.	user privilege level level	The default user level is 15. The user level set using this command does not take effect for AAA users. The level of AAA users depends on the local user level in the AAA configuration information.

**Table 2** Other commands
Function	Command	Description
Disable the console port login function.	console0 disable	By default, the console port login function is enabled.
Set the flow control mode of a console user interface.	flow-control { hardware \| none \| software }	By default, the flow control mode is none, namely, flow control is not performed.
Set the data bit of a console user interface.	databits { 5 \| 6 \| 7 \| 8 }	The default data bit is 8.
Set the parity bit of a console user interface.	parity { even \| mark \| none \| odd \| space }	By default, the parity bit is none, namely, no check is performed.
Set the stop bit of a console user interface.	stopbits { 1 \| 1.5 \| 2 }	The default stop bit is 1.
Set the baud rate of a console user interface.	speed speed-value	The default transmission rate is 9600 bit/s.
Set the console user interface inactivity timeout.	idle-timeout minutes [ seconds ]	The default timeout value is 10 minutes.
Set the number of lines displayed on a terminal screen.	screen-length screen-length	The default number of lines displayed on a terminal screen is 24.
Set the number of columns displayed on a terminal screen.	screen-width screen-width	The default number of columns displayed on a terminal screen is 80.
Set the size of the historical command buffer on a console user interface.	history-command max-size size-value	By default, a maximum of 10 historical commands can be saved in the buffer.