HP Switch Software Manual Supplement for A.15.15, RA.15.15, WB.15.15, and YA/YB.15.15

Abstract
This switch manual supplement is intended for network administrators and support personnel, and applies to the switch models
listed on this page unless otherwise noted. This document includes the following:
• Software Feature Updates in Releases: A.15.15, RA.15.15, WB.15.15, and YA/YB.15.15
• Documentation update for the HP Switch Software Access Security Guide
Applicable Products
HP Switch 2530-series (J9772A, J9773A, J9774A, J9775A, J9776A, J9777A, J9778A, J9779A, J9780A, J9781A, J9782A,
J9783A)
HP Switch 2615-series (J9565A)
HP Switch 2915-series (J9562A)
HP Switch 2620-series (J9623A, J9624A, J9625A, J9626A, J9627A)
HP Switch 2920-series (J9726A, J9727A, J9728A, J9729A)
This supplement applies to the following manual:
• HP Switch Software Access Security Guide
HP Part Number: 5998-5575
Published: March 2014
Edition: 1
© Copyright 2014 Hewlett-Packard Development Company, L.P.
Confidential computer software. Valid license from HP required for possession, use or copying. Consistent with FAR 12.211 and 12.212, Commercial
Computer Software, Computer Software Documentation, and Technical Data for Commercial Items are licensed to the U.S. Government under
vendor's standard commercial license.
The information contained herein is subject to change without notice. The only warranties for HP products and services are set forth in the express
warranty statements accompanying such products and services. Nothing herein should be construed as constituting an additional warranty. HP shall
not be liable for technical or editorial errors or omissions contained herein.
Contents
1 Updates for the HP Switch Software Access Security Guide
The no user login option for SSH
Using the disable-username command to bypass username
Switch behavior when the disable-username is enabled
1 Updates for the HP Switch Software Access Security Guide
The no user login option for SSH
Fix or Feature update?: Feature update: No user login option for SSH
Software Release: Available for software releases: A.15.15, RA.15.15, WB.15.15, and YA/YB.15.15 and later.
Affected Chapter: Secure Shell (SSH)
Affected Section: Added the following section.
This feature provides a shortcut for logging into the operator or management modes of the switch.
A new CLI convenience command has been added to the configuration interface. This command allows
the username to be bypassed during authentication when logging onto the switch.
Using the disable-username command to bypass username
NOTE:
• This feature does not capture solutions for other applications that mandate the username.
• This feature does not capture the solution based on the type of management interface used.
Syntax:
    [no] aaa authentication disable-username
Use the disable-username command in manager mode to bypass the username
prompt during authentication on the switch. The disable-username
command will display an acceptance option and security warning message similar
to the following:
    Bypass username during authentication while logging into the device
    to get Manager or Operator access? (y/n)
Entering “y/Y” will complete setting the command.
The default configuration of the switch is to authenticate based on username and
password. This command is disabled by default in the switch configuration.
An event log message (warning) relating to this command will be logged. The
event log message will be similar to the following:
    W 05/22/13 21:02:06 00419 auth: Bypassing the username for Operator
    and Manager access level is enabled
NOTE:
• The protocols SFTP and SCP which are based on SSH will exhibit similar behavior as SSH.
• There are no changes required for PCM and IDM.
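An added example, not from the HP manual: a Python check that flags this setting in collected switch data by looking for the warning event and the configuration command described above. It assumes the event log line layout of the sample on this page and that an enabled bypass appears in the saved configuration as the command itself; the function names and the sample log and configuration are constructed for illustration.

```python
import re
from datetime import datetime

# Event log layout, from the sample on this page:
#   <severity> <MM/DD/YY> <HH:MM:SS> <event id> <subsystem>: <message>
EVENT_RE = re.compile(
    r"^(?P<sev>[A-Z]) (?P<date>\d{2}/\d{2}/\d{2}) (?P<time>\d{2}:\d{2}:\d{2}) "
    r"(?P<id>\d{5}) (?P<sub>\w+): (?P<msg>.*)$")
BYPASS_ID, BYPASS_TEXT = "00419", "bypassing the username"
# Assumption: the saved configuration shows the command in the form it was entered.
CONFIG_RE = re.compile(r"^\s*(no\s+)?aaa\s+authentication\s+disable-username\s*$", re.I)

def find_bypass_events(log_text):
    """Return (timestamp, message) for each username-bypass warning in the log."""
    hits = []
    for line in log_text.splitlines():
        m = EVENT_RE.match(line.strip())
        if not m:
            continue  # not an event line (banner, wrapped continuation)
        # Match on id and text together; the id is only known from one sample.
        if m["id"] == BYPASS_ID and BYPASS_TEXT in m["msg"].lower():
            ts = datetime.strptime(f"{m['date']} {m['time']}", "%m/%d/%y %H:%M:%S")
            hits.append((ts, m["msg"]))
    return hits

def config_bypass_enabled(config_text):
    """True if the last disable-username line in the config is the enabling form."""
    enabled = False  # the page states the feature is disabled by default
    for line in config_text.splitlines():
        m = CONFIG_RE.match(line)
        if m:
            enabled = m.group(1) is None  # a leading "no" switches it back off
    return enabled

# Constructed sample data; the 00419 line follows the page's example, unwrapped.
SAMPLE_LOG = """\
I 05/22/13 20:58:41 00001 sample: constructed informational entry
W 05/22/13 21:02:06 00419 auth: Bypassing the username for Operator and Manager access level is enabled
W 05/22/13 21:10:00 00002 auth: constructed unrelated warning
"""
SAMPLE_CONFIG = 'hostname "sw-lab-1"\naaa authentication disable-username\nip ssh\n'

if __name__ == "__main__":
    for ts, msg in find_bypass_events(SAMPLE_LOG):
        print(f"{ts.isoformat()} username bypass enabled: {msg}")
    print("config has bypass enabled:", config_bypass_enabled(SAMPLE_CONFIG))
```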
Switch behavior when the disable-username is enabled
Table 1 shows the behavior of the switch software in different management interfaces when the
disable-username command is enabled.
Table 1 Examples of switch behavior when the disable-username is enabled

Columns: Management Interface | Operator Password | Operator Username | Manager Username | Manager Password, followed by the Notes for that row.

TELNET | Not set | Not set | Not set | Set
• Entering the operator password will log onto the switch in operator mode.
• Entering the enable command in operator mode will provide access to the switch in manager mode.

TELNET | Not set | Not set | Not set | Set
• Entering the manager password will log onto the switch in manager mode.
• Entering the enable command in the operator mode will prompt for the password to be entered for manager mode.

TELNET | Set | Not set | Not set | Set
• Entering the operator password will log onto the switch in operator mode.
• Entering the enable command in the operator mode will prompt for the password to be entered for manager mode.
• Entering the manager password will log onto the switch in manager mode.

TELNET | Set | Not set | Not set | Set
• Both Operator and Manager Passwords are the same.
• Entering the common password will log onto the switch in manager mode.

SSH | Set | Not set | Not set | Not set
In this configuration, the password is entered without the username. Once the enable command is entered, the username prompt will be bypassed.
• Entering the operator password will log onto the switch in operator mode.
• Entering the enable command in the operator mode will prompt for the password to be entered for manager mode.

SSH | Not set | Not set | Set | Not set
• Executing any key will log onto the switch in operator mode.
• Entering the enable command in the operator mode will prompt for the password to be entered for manager mode.

SSH | Set | Not set | Not set | Set
• Entering the operator password will log onto the switch in operator mode.
• Entering the enable command in the operator mode will prompt for the password to be entered for manager mode.

SSH | Set | Not set | Not set | Set
• Both Operator and Manager passwords are the same.
• Entering the password logs onto the switch in the manager mode.

WebUI | Set | Not set | Not set | Not set
• Entering only the operator password, logs onto the switch in manager mode because manager password has not been set.

WebUI | Not set | Not set | Not set | Set
• Clicking the login link on the WebUI will prompt for log in.
• Entering only the manager password, logs onto the switch in manager mode.

WebUI | Set | Not set | Not set | Set
• Logging in using the operator password logs onto the switch in operator mode.
• Entering only the manager password, logs onto the switch in manager mode.

WebUI | Set | Not set | Not set | Set
• Both Operator and Manager passwords are the same.
• Entering only the password, logs onto the switch in manager mode.
NOTE: For SSH: There is no username prompt in SSH (for example: ssh any_username@IP-address).
For WebUI:
• The user is prompted for both username and password.
• Any entry, including blank, in the username field is allowed. This condition is true for all configurations in Table 1.
Figure 1 TELNET screen
Figure 2 SSH screen
Figure 3 WebUI screen