Local user passwords are not visible on the CLI, no split screen when viewing configuration via ssh login
- 0 Followed
- 0Collected ,3033Browsed
Network Topology
Traditional Topology
Problem Description
Problem 1:
Command line does not show up after configuring password for local user.
# local-user ceshi class manage
service-type ssh
authorization-attribute user-role network-admin
authorization-attribute user-role network-operator
Normally the password will be displayed, but it is encrypted so that the value cannot be seen.
# local-user test class manage
password hash $h$6$19fx/1t5N6k43wVf$H4kuRKPGOP5Z3SBYZks6c2JiqvakHbrNTjCf8f0tFHQujkjSy6QYw1rmXr/OEYtk0ipDBwRAeSmrQeJ5Jb/VRw==
service-type ssh
authorization-attribute user-role network-admin
authorization-attribute user-role network-operator
Problem 2: When logging in to the device command line via ssh to view the configuration without splitting the screen, the configuration will be printed all at once, resulting in a part of the configuration being overwritten in the earliest printout.
Process Analysis
1. local users configure password after the command line does not display because the global enable password control.
# password-control enable //Enable global password control function
undo password-control aging enable
undo password-control length enable
undo password-control composition enable
undo password-control history enable
2. The number of lines displayed on each screen is configured in the user line view. Screen-length 0 indicates that split screens are not displayed.
# line vty 0 9
authentication-mode scheme
user-role network-admin user-role network-operator
protocol inbound ssh
screen-length 0 //The value ranges from 0 to 512. 0 indicates that all information is displayed at one time, that is, split-screen display is not performed. In this case, the effect is the same as running the screen-length disable command.
Solution
Problem 1: If password-control is enabled, the password of the local user is not displayed. Delete the password-control enable function.
Problem 2: Delete screen-length 0 or set the specified value. The default setting of screen-length setting is to allow split-screen display and display 24 lines of data on the next screen. If the device is configured with screen-length disable, this also needs to be deleted.