protocol inbound
Use protocol inbound to specify the supported protocols.
Use undo protocol inbound to restore the default.
Syntax
In non-FIPS mode:
protocol inbound { all | ssh | telnet }
undo protocol inbound
In FIPS mode:
protocol inbound ssh
undo protocol inbound
Default
In non-FIPS mode, all protocols are supported.
In FIPS mode, SSH is supported.
Views
VTY line view
VTY line class view
Predefined user roles
network-admin
Parameters
all: Supports all protocols, including SSH, PAD, and Telnet.
ssh: Supports SSH only.
telnet: Supports Telnet only.
Usage guidelines
Only users assigned the network-admin, or level-15 user role can execute this command. Other users cannot execute this command, even if they are granted the right to execute this command.
A configuration change in user line view does not take effect for the current session. It takes effect for subsequent login sessions.
Before configuring a user line to support SSH, set the authentication mode to scheme for the user line.
In VTY line view, this command is associated with the authentication-mode command. If you specify a non-default value for one of the two commands, the other command uses the default setting, regardless of the setting in VTY line class view.
If the settings of the two commands in VTY line view are both the default settings, the settings for the commands in VTY line class view take effect.
If the settings of the two commands in VTY line view are both non-default settings, the non-default settings in VTY line view take effect.
If only one command has a non-default setting in VTY line view, the other command uses the default setting, regardless of the setting in VTY line class view.
Examples
# Enable user lines VTY 0 through VTY 4 to support only SSH.
<Sysname> system-view [Sysname] line vty 0 4 [Sysname-line-vty0-4] authentication-mode scheme [Sysname-line-vty0-4] protocol inbound ssh
# Enable SSH support and set the authentication mode to scheme in VTY line class view. Enable user lines VTY 0 through VTY 4 to support all protocols and disable authentication for the user lines.
<Sysname> system-view [Sysname] line class vty [Sysname-line-class-vty] authentication-mode scheme [Sysname-line-class-vty] protocol inbound ssh [Sysname-line-class-vty] line vty 0 4 [Sysname-line-vty0-4] authentication-mode none
To verify the configuration:
Telnet to the device.
<Client> telnet 192.168.1.241 Trying 192.168.1.241 ... Press CTRL+K to abort Connected to 192.168.1.241 ... ****************************************************************************** * Copyright (c) 2010-2017 Hewlett Packard Enterprise Development LP * * Without the owner's prior written consent, * * no decompiling or reverse-engineering shall be allowed. * ****************************************************************************** <Server>
You are logged in without authentication.
Display online CLI user information.
<Server> display users Idx Line Idle Time Pid Type + 50 VTY 0 00:00:00 Jan 17 15:29:27 189 TEL Following are more details. VTY 0 : Location: 192.168.1.186 + : Current operation user. F : Current operation user works in async mode.
The output shows that you are using VTY 0. The configuration in user line view is effective.
Related commands
authentication-mode