display local-user

Use display local-user to display the local user configuration and online user statistics.


display local-user [ class manage | idle-cut { disable | enable } | service-type { ftp | http | https | ssh | telnet | terminal } | state { active | block } | user-name user-name class manage | vlan vlan-id ]


Any view

Predefined user roles






class: Specifies the local user type.

manage: Device management user.

idle-cut { disable | enable }: Specifies local users by the status of the idle cut feature.

service-type: Specifies the local users that use a specific type of service.

ftp: FTP users.

http: HTTP users.

https: HTTPS users.

ssh: SSH users.

telnet: Telnet users.

terminal: Terminal users that log in through console ports.

state { active | block }: Specifies local users in active or blocked state. A local user in active state can access network services, but a local user in blocked state cannot.

user-name user-name: Specifies all local users using the specified username. The username must be a case-sensitive string of 1 to 55 characters. The name must meet the following requirements:

vlan vlan-id: Specifies all local users in a VLAN. The vlan-id argument is in the range of 1 to 4094.

Usage guidelines

If you do not specify any parameters, this command displays information about all local users.


# Display information about all local users.

<Sysname> display local-user
Device management user root:
  State:                     Active
  Service type:              SSH/Telnet/Terminal
  Access limit:              Enabled           Max access number: 3
  Current access number:     1
  User group:                system
  Bind attributes:
  Authorization attributes:
    Work directory:          flash:
    User role list:          network-admin
  Password control configurations:
    Password aging:          3 days

Total 1 local users matched.

Table 2: Command output




Status of the local user: active or blocked.

Service type

Service types that the local user can use.

Access limit

Whether the concurrent login limit is enabled.

Max access number

Maximum number of concurrent logins using the local user name.

Current access number

Current number of concurrent logins using the local user name.

User group

Group to which the local user belongs.

Bind attributes

This field is not supported in the current software version.

Binding attributes of the local user.

Authorization attributes

Authorization attributes of the local user.

Idle timeout

Idle timeout period of the user, in minutes.

Work directory

Directory that the FTP, SFTP, or SCP user can access.

User role list

Authorized roles of the local user.

Password control configurations

Password control attributes that are configured for the local user.

Password aging

Password expiration time.

Password length

Minimum number of characters that a password must contain.

Password composition

Password composition policy:

  • Minimum number of character types that a password must contain.

  • Minimum number of characters from each type in a password.

Password complexity

Password complexity checking policy:

  • Reject a password that contains the username or the reverse of the username.

  • Reject a password that contains any character repeated consecutively three or more times.

Maximum login attempts

Maximum number of consecutive failed login attempts.

Action for exceeding login attempts

Action to take on the user that failed to log in after using up all login attempts.