Vty Line Authentication And Authorization; Configuring Simple Authentication - Juniper SYSTEM BASICS - CONFIGURATION GUIDE V 11.1.X Configuration Manual

Vty Line Authentication and Authorization

The router supports 30 virtual tty (vty) lines for Telnet, Secure Shell Server (SSH) and
FTP services. Each Telnet, SSH, or FTP session requires one vty line. You can add
security to your router by configuring the software to validate login requests. There
are two modes of authentication for a vty line:
You can enable AAA authorization, which allows you to limit the services available
to a user. Based on information retrieved from a user's profile, the user is either
granted or denied access to the requested server.

Configuring Simple Authentication

To configure simple authentication:
1.
2.
3.
4.
line
13 7 (password)
14 7 (password)
See show secrets.
Simple authentication Password-only authentication through the local
configuration
AAA authentication Username and password authentication through a set of
authentication servers
Specify a vty line or a range of vty lines on which you want to enable the
password.
host1(config)#line vty 8 13
host1(config-line)#
Specify the password for the vty lines.
host1(config-line)#password 0 mypassword
Enable login authentication on the lines.
host1(config-line)#login
Display your vty line configuration.
host1#show line vty 8
no access-class in
data-character-bits 8
exec-timeout never
exec-banner enabled
motd-banner enabled
login-timeout 30 seconds
Chapter 7: Passwords and Security
zRFj_6>^]1OkZR@e!|S$ inherited
zRFj_6>^]1OkZR@e!|S$ inherited
Vty Line Authentication and Authorization
427