Comware

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
### Show interface brief
display interface brief
### Gets Serial Number
display device manuinfo
### Tag vlan 1
port trunk permit vlan 1
#### Backup Switch
backup startup-configuration to x.x.x.x
#### wipe config from switch
reset saved-configuration main
reset saved-configuration backup
reboot
n
y
### Set up SSH, SFTP, TACACS
### From <https://www.madari.co.il/2017/07/hpe-comware-7-using-tacacs-with-aruba.html>
public-key local create rsa
ssh server enable
undo ssh server compatible-ssh1x
sftp server enable
ssh user admin service-type all authentication-type password
local-user admin
service-type ssh telnet terminal
tacacs-server host <ip of primary auth server> key <tacacspassword>
tacacs-server host <ip of secondary auth server> key <tacacspassword>
aaa authentication login privilege-mode
aaa authentication ssh login tacacs local
aaa authentication console login tacacs local
aaa accounting exec start-stop tacacs
aaa accounting commands stop-only tacacs
hwtacacs scheme CPPM
primary authentication <ip of primary auth server>
primary authorization <ip of primary auth server>
primary accounting <ip of primary auth server>
key authentication simple <tacacspassword>
key authorization simple <tacacspassword>
key accounting simple <tacacspassword>
user-name-format without-domain
domain domain.com
authentication login hwtacacs-scheme CPPM local
authorization login hwtacacs-scheme CPPM local
accounting login hwtacacs-scheme CPPM
accounting command hwtacacs-scheme CPPM
authorization command hwtacacs-scheme CPPM
#### Configure the use for default domain
domain default enable domain.com
#### Configure default role
role default-role enable
#### Last configure user interface access
line vty 0 63
authentication-mode scheme
user-role network-operator
command authorization
command accounting