Chapter 9 Configuring Switch-Based Authentication

Configuring the Switch for Secure Shell

 

Command

Purpose

Step 6

 

 

username name [privilege level]

Enter the local database, and establish a username-based authentication

 

{password encryption-type password}

system.

 

 

Repeat this command for each user.

 

 

For name, specify the user ID as one word. Spaces and quotation

 

 

marks are not allowed.

 

 

(Optional) For level, specify the privilege level the user has after

 

 

gaining access. The range is 0 to 15. Level 15 gives privileged EXEC

 

 

mode access. Level 0 gives user EXEC mode access.

 

 

For encryption-type, enter 0 to specify that an unencrypted password

 

 

follows. Enter 7 to specify that a hidden password follows.

 

 

For password, specify the password the user must enter to gain access

 

 

to the switch. The password must be from 1 to 25 characters, can

 

 

contain embedded spaces, and must be the last option specified in the

 

 

username command.

Step 7

 

 

end

Return to privileged EXEC mode.

Step 8

 

 

show running-config

Verify your entries.

Step 9

 

 

copy running-config startup-config

(Optional) Save your entries in the configuration file.

 

 

 

To disable AAA, use the no aaa new-modelglobal configuration command. To disable authorization, use the no aaa authorization {network exec} method1 global configuration command.

Note To secure the switch for HTTP access by using AAA methods, you must configure the switch with the ip http authentication aaa global configuration command. Configuring AAA authentication does not secure the switch for HTTP access by using AAA methods.

For more information about the ip http authentication command, see the Cisco IOS Security Command Reference, Release 12.2.

Configuring the Switch for Secure Shell

This section describes how to configure the Secure Shell (SSH) feature. To use this feature, you must install the cryptographic (encrypted) software image on your switch. You must obtain authorization to use this feature and to download the cryptographic software files from Cisco.com. For more information, see the release notes for this release.

These sections contain this information:

Understanding SSH, page 9-38

Configuring SSH, page 9-39

Displaying the SSH Configuration and Status, page 9-41

Catalyst 3750-E and 3560-E Switch Software Configuration Guide

 

OL-9775-02

9-37

 

 

 

Page 239
Image 239
Cisco Systems 3750E manual Configuring the Switch for Secure Shell, Username name privilege level, Username command