Advertisement
Default
Command Modes
Command
History
Usage
Information
Related
Commands
1286
|
Security
method
method4
...
Not configured (that is, no authentication is performed)
CONFIGURATION
Version 7.6.1.0
Introduced for S-Series
Version 7.5.1.0
Introduced for C-Series
pre-Version 6.2.1.0
Introduced on E-Series
By default, the locally configured username password will be used. If
default is configured, FTOS will use the methods defined by this command for login instead.
Methods configured with the
configured. If users encounter an error with the first method listed, FTOS applies the next method
configured. If users fail the first method listed, no other methods are applied. The only exception is the
local method. If the user's name is not listed in the local database, the next method is applied. If the
correct user name/password combination are not entered, the user is not allowed access to the switch.
Note:
If authentication fails using the primary method, FTOS employs the second method (or
third method, if necessary) automatically. For example, if the TACACS+ server is reachable,
but the server key is invalid, FTOS proceeds to the next authentication method. The
TACACS+ is incorrect, but the user is still authenticated by the secondary method.
After configuring the
aaa authentication login
to enable the authentication scheme on terminal lines.
Connections to the SSH server will work with the following login mechanisms: local, radius and
tacacs.
login authentication
password
radius-server host
tacacs-server host
Enter one of the following methods:
enable
•
- use the password defined by the
CONFIGURATION mode.
line
•
- use the password defined by the
mode.
local
•
- use the user name/password defined by the in the local
configuration.
none
•
- no authentication.
radius
•
- use the RADIUS server(s) configured with the
command.
tacacs+
•
- use the TACACS+ server(s) configured with the
host
command.
(OPTIONAL) Enter up to four additional methods. In the event of a "no
response" from the first method, FTOS applies the next configured method (up
to four configured methods).
aaa authentication login
command are evaluated in the order they are
command, configure the
Apply an authentication method list to designated terminal lines.
Create a password.
Specify a RADIUS server host.
Specify a TACACS+ server host.
enable password
command in the
password
command in the LINE
radius-server host
tacacs-server
aaa authentication login
login authentication
command
Advertisement
