Cisco Systems SMC-127 manual Disabling Remote Login for SDRs, SMC-161

Page 35

Configuring Secure Domain Routers on Cisco IOS XR Software

How to Configure Secure Domain Routers

Step 14

Step 15 Step 16

	Command or Action	Purpose

	Username:xxxx	Logs back in with the SDR administrator username and
	Password:xxxx	password you created. This username is used to configure
		the secure domain router and create other users with fewer
	Example:	privileges.
	Example:
	Press RETURN to get started.	• This step verifies proper SDR administrator username
	Username:user1	and password configuration.
	Password:xxxxx	and password configuration.
	Password:xxxxx
		• After you create the SDR username and password, you
		need to provide the SDR username and password to the
		operators who will use that SDR.

	Provide the new username and password to the user.

	Disable admin plane authentication.	See Disabling Remote Login for SDRs, page SMC-161for
		more information.

Disabling Remote Login for SDRs

When you disable admin plane authentication, the admin username cannot be used to log in to non-owner SDRs. Only local SDR usernames can be used to log into the SDR.

SUMMARY STEPS

1.admin

2.configure

3.no aaa authentication login remote local

4.end or commit

DETAILED STEPS

	Command or Action	Purpose
Step 1
Step 1	admin	Enters Administration EXEC mode.
	Example:
	RP/0/RP0/CPU0:router# admin
Step 2
Step 2	configure	Enters Administration configuration mode.
	Example:
	RP/0/RP0/CPU0:router(admin)# configure

Cisco IOS XR System Management Configuration Guide

SMC-161

Image 35

Contents Contents Configuring Secure Domain Routers on Cisco IOS XR SoftwareSMC-128 Prerequisites for Configuring Secure Domain RoutersSMC-129 Information About Configuring Secure Domain RoutersWhat Is a Secure Domain Router? Owner SDR and Administration Configuration ModeSMC-130 SDR Access PrivilegesNon-Owner SDRs Root-System UsersSMC-131 Root-lr UsersOther SDR Users SMC-132 Designated Secure Domain Router System Controller DsdrscDSCs and DSDRSCs in a Cisco CRS-1 Router SMC-133 DSC and DSDRSCs in a Cisco XR 12000 Series RouterSMC-134 SMC-135 Default Configuration for New Non-Owner SDRsRemoving a Dsdrsc Configuration Default Software Profile for SDRsDsdrsc Redundancy Fault IsolationRebooting an SDR High Availability ImplicationsSMC-137 Cisco IOS XR Software Package ManagementSMC-138 DSC Migration on Cisco CRS-1 Multishelf SystemsSMC-139 CaveatsCreating SDRs How to Configure Secure Domain RoutersContents SMC-141 Summary StepsSMC-142 Command or Action PurposeExample SMC-143 To assign a DRP pair as the DsdrscTo assign a single DRP node as the Dsdrsc To assign an RP pair as the DsdrscSMC-144 To add a single nodeTo add a DRP pair To add an RP pairSMC-145 Creating SDRs in a 12000 Series RouterSMC-146 DSDRSCs in a Cisco XR 12000 Series Router section onSee the DSC and DSDRSCs in a Cisco XR 12000 Series Router section on page SMC-133SMC-147 Refer to the Adding Nodes to a Non-Owner SDR sectionSMC-148 Adding Nodes to a Non-Owner SDRAdding Nodes to an SDR in a Cisco CRS-1 Router SMC-149 Creating SDRs in a Cisco CRS-1 RouterSMC-150 Adding Nodes to an SDR in a Cisco XR 12000 Series RouterSMC-151 Removing Nodes and SDRsA Cisco XR 12000 Series Router section on SMC-152 To remove an RP pair To remove a DsdrscTo remove a single node To remove a DRP pairSMC-154 SMC-155 Nodes to an SDR in a Cisco XR 12000 Series RouterSection on page SMC-150 SMC-156 Removing a Secure Domain RouterSMC-157 Configuring a Username and Password for a Non-Owner SDRSMC-158 Group root-lr End or commit ExitSMC-159 System Security Configuration Guide for moreSMC-160 SMC-161 Disabling Remote Login for SDRsSee Disabling Remote Login for SDRs, page SMC-161for SMC-162 Configuration Examples for Secure Domain RoutersCreating a New SDR on a Cisco CRS-1 Router Creating an SDR on a Cisco XR 12000 Series RouterSMC-163 MIBs Additional ReferencesRelated Documents StandardsDescription Link RFCsTechnical Assistance RFCs TitleSMC-166