Table of Contents
Advertisement
User authentication
To remove a group from a user:
a. Use the show command to determine the index number of the group to be deleted:
(config auth user new_user> show group
0 admin
1 serial
(config auth user new_user>
b. Type the following:
(config auth user new_user)> del group n
(config auth user new_user)>
Where n is index number of the authentication method to be deleted. For example, to
delete the serial group as displayed by the example show command, above:
(config auth user new_user)> del group 1
(config auth user new_user)>
8. (Optional) Add SSH keys for the user to use passwordless SSH login:
a. Change to the user's ssh_key node:
(config auth user new_user)> ssh_key
(config auth user new_user ssh_key)>
b. Add the key by using the ssh_key command and pasting or typing a public encryption key
that this user can use for passwordless SSH login:
(config auth user new_user ssh_key)> ssh_key key
(config auth user new_user ssh_key)>
9. (Optional) Configure two-factor authentication for SSH, telnet, and serial console login:
a. Change to the user's two-factor authentication node:
(config auth user new_user)> 2fa
(config auth user new_user 2fa)>
b. Enable two-factor authentication for this user:
(config auth user new_user 2fa)> enable true
(config auth user new_user 2fa)>
c. Configure the verification type. Allowed values are:
n
n
The default value is totp.
(config auth user new_user 2fa)> type totp
(config auth user new_user 2fa)>
TX54 User Guide
totp: Time-based One-Time Password (TOTP) authentication uses the current time
to generate a one-time password.
hotp: HMAC-based One-Time Password (HOTP) uses a counter to validate a one-
time password.
Local users
751
Advertisement
Table of Contents
