C a u t i o n
Configuring Authentication
You can configure authentication at the following levels:
■
Line
Enable mode
■
■
Local user
■
RADIUS/TACACS+ server groups
To configure the authentication lists for logging in, enter the following
command in Configuration mode:
ProCurve(config)#aaa authentication login <method list>
group <group name> line |local | enable |none
The parameters can be used as follows:
Method lists include individual lists you create or default. Specifying
■
default is equivalent to entering no aaa authentication login.
Ignoring options after the method list option will apply the default
behavior of denying access. This is useful if intended. Unintended use will
result in being locked out of the system (that is, if you specify line, you
effectively apply default values and preserve your ability to log into the
system).
■
The group option allows you to use the default RADIUS or TACACS+
server group or to use a group name to specify a defined server group.
Specify enable to use the enable password.
■
Specify line to apply authentication to individual console or terminal line
■
connections to the switch.
Specify local to enable users (configured with the username command) to
■
access the system.
Specify none to bypass authentication entirely.
■
Configuring Authentication Method Lists
To define the authentication method list for Privileged Exec mode, enter the
following command from Configuration mode:
ProCurve(config)#aaa authentication enable default [group
{radius | "tacacs+" | <group name>}...[enable | line | none]
Security Configuration
Configuring Authentication
5-11