Configuration procedure
# Enable the FIPS mode.
<Sysname> system-view [Sysname] fips mode enable FIPS mode change requires a device reboot. Continue?[Y/N]:y Change the configuration to meet FIPS mode requirements, save the configuration to the next-startup configuration file, and then reboot to enter FIPS mode.
# Enable the password control function.
[Sysname] password-control enable
# Create a local user named test, and set its service type as terminal, privilege level as 3, and password as AAbbcc1234%. The password is a string of at least 10 characters by default and must contain both uppercase and lowercase letters, digits, and special characters.
[Sysname] local-user test [Sysname-luser-test] service-type terminal [Sysname-luser-test] authorization-attribute level 3 [Sysname-luser-test] password Password:*********** Confirm :*********** Updating user(s) information, please wait........... [Sysname-luser-test] quit
# Save the configuration.
[Sysname] save The current configuration will be written to the device. Are you sure? [Y/N]:y Please input the file name(*.cfg)[flash:/startup.cfg] (To leave the existing filename unchanged, press the enter key): flash:/startup.cfg exists, overwrite? [Y/N]:y Validating file. Please wait.......................... Saved the current configuration to mainboard device successfully. Configuration is saved to device successfully. [Sysname] quit
# Reboot the switch.
<Sysname> reboot
![[CAUTION: ]](images/caution.png) | CAUTION: If you do not create a local user and its password before you reboot the switch, you cannot log in to the switch after the switch reboots. In this case, reboot the switch without the configuration file (by ignoring or removing the configuration file) so that the switch operates in non-FIPS mode, and then make correct configurations. | |