protocol inbound

Use protocol inbound to specify the supported protocols.

Use undo protocol inbound to restore the default.

Syntax

In non-FIPS mode:

protocol inbound { all | ssh | telnet }

undo protocol inbound

In FIPS mode:

protocol inbound ssh

undo protocol inbound

Default

In non-FIPS mode, all protocols are supported.

In FIPS mode, SSH is supported.

Views

VTY line view

VTY line class view

Predefined user roles

network-admin

Parameters

all: Supports all protocols, including SSH, PAD, and Telnet.

ssh: Supports SSH only.

telnet: Supports Telnet only.

Usage guidelines

Only users assigned the network-admin, or level-15 user role can execute this command. Other users cannot execute this command, even if they are granted the right to execute this command.

A configuration change in user line view does not take effect for the current session. It takes effect for subsequent login sessions.

Before configuring a user line to support SSH, set the authentication mode to scheme for the user line.

In VTY line view, this command is associated with the authentication-mode command. If you specify a non-default value for one of the two commands, the other command uses the default setting, regardless of the setting in VTY line class view.

• If the settings of the two commands in VTY line view are both the default settings, the settings for the commands in VTY line class view take effect.

• If the settings of the two commands in VTY line view are both non-default settings, the non-default settings in VTY line view take effect.

• If only one command has a non-default setting in VTY line view, the other command uses the default setting, regardless of the setting in VTY line class view.

Examples

# Enable user lines VTY 0 through VTY 4 to support only SSH.

<Sysname> system-view
[Sysname] line vty 0 4
[Sysname-line-vty0-4] authentication-mode scheme
[Sysname-line-vty0-4] protocol inbound ssh

# Enable SSH support and set the authentication mode to scheme in VTY line class view. Enable user lines VTY 0 through VTY 4 to support all protocols and disable authentication for the user lines.

<Sysname> system-view
[Sysname] line class vty
[Sysname-line-class-vty] authentication-mode scheme
[Sysname-line-class-vty] protocol inbound ssh
[Sysname-line-class-vty] line vty 0 4
[Sysname-line-vty0-4] authentication-mode none

To verify the configuration:

1. Telnet to the device.

   <Client> telnet 192.168.1.241
   Trying 192.168.1.241 ...
   Press CTRL+K to abort
   Connected to 192.168.1.241 ...
   
   ******************************************************************************
   * Copyright (c) 2010-2017 Hewlett Packard Enterprise Development LP          *
   * Without the owner's prior written consent,                                 *
   * no decompiling or reverse-engineering shall be allowed.                    *
   ******************************************************************************
   
   <Server>
   

   You are logged in without authentication.

2. Display online CLI user information.

   <Server> display users
     Idx  Line     Idle       Time              Pid     Type
   + 50   VTY 0    00:00:00   Jan 17 15:29:27   189     TEL
   
   Following are more details.
   VTY 0   :
           Location: 192.168.1.186
    +    : Current operation user.
    F    : Current operation user works in async mode.
   

   The output shows that you are using VTY 0. The configuration in user line view is effective.

Related commands

authentication-mode