3-4To improve security and prevent attacks to the unused Sockets, TCP 23 and TCP 22, ports for Telnetand SSH services respectively, will be enabled or disabled after corresponding configurations.z If the authentication mode is none, TCP 23 will be enabled, and TCP 22 will be disabled.z If the authentication mode is password, and the corresponding password has been set, TCP 23will be enabled, and TCP 22 will be disabled.z If the authentication mode is scheme, there are three scenarios: when the supported protocol isspecified as telnet, TCP 23 will be enabled; when the supported protocol is specified as ssh, TCP22 will be enabled; when the supported protocol is specified as all, both the TCP 23 and TCP 22port will be enabled.Telnet Configuration with Authentication Mode Being NoneConfiguration ProcedureFollow these steps to configure Telnet with the authentication mode being none:To do… Use the command… RemarksEnter system view system-view —Enter one or more VTY userinterface viewsuser-interface vtyfirst-number [ last-number ] —Configure not to authenticateusers logging in to VTY userinterfacesauthentication-mode noneRequiredBy default, VTY users areauthenticated after logging in.Note that if you configure not to authenticate the users, the command level available to userslogging in to a switch depends on the user privilege level level commandConfiguration ExampleNetwork requirementsAssume current user logins through the console port, and the current user level is set to theadministrator level (level 3). Perform the following configurations for users logging in through VTY0 using Telnet.z Do not authenticate the users.z Commands of level 2 are available to the users.z Telnet protocol is supported.z The screen can contain up to 30 lines.z The history command buffer can contain up to 20 commands.z The timeout time of VTY 0 is 6 minutes.
