Cisco Systems ME3400G2CSA Configuring the Switch for Secure Shell

7-37

Cisco ME 3400 EthernetAccess Switch SoftwareConfiguration Guide

78-17058-01

Chapter7 Configuring Switch-Ba sed Authentication Configuring the Switch for Secure Shell

To disable AAA, use the no aaa new-model global configuration command. To disable authorization,

use the no aaa authorization {network | exec} method1 global configuration command.

Configuring the Switch for Secure Shell

This section describes how to configure the Secure Shell (SSH) feature. To use this feature, yo u m ust

install the cryptographic (encrypted) software image on your switch. You must obtain authorization to

use this feature and to download the cryptograp hic soft ware f iles from Cisco. com. F or more in formation ,

see the release notes for this release.

These sections contain this information:

•Understanding SSH, page 7-38

•Configuring SSH, page 7-39

•Displaying the SSH Configuration and Status, page 7-41

For SSH configuration examples, see the “SSH Configuration Examples” section in the “Configuring

Secure Shell” chapter of the Cisco IOS Security Configuration Guide, Cisco IOS Release 12.2, at

this URL:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122cgcr/fsecur_c/fothersf/

scfssh.htm

Note For complete syntax and usage information for the commands used in this section, see the command

reference for this release and the command reference for Cisco IOS Release 12.2 at this URL:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122cgcr/index.htm.

Step6 username name [privilege level]

{password encryption-type password}Enter the local database, and establish a username-based authentication

system.

Repeat this command for each user.

•For name, specify the user ID as one word. Spaces and quot at ion

marks are not allowed.

•(Optional) For level, specify the privilege level the user has after

gaining access. The range is 0 to 15. Level 15 gives privileged EXEC

mode access. Level 0 gives user EXEC mode access.

•For encryption-type, enter 0 to specify that an unencrypted password

follows. Enter 7 to specify that a hidden password follows.

•For password, specify the password the user must enter to gain access

to the switch. The password must be from 1 to 25 characters, can

contain embedded spaces, and must be the last option specified in the

username command.

Step7 end Return to privileged EXEC mode.

Step8 show running-config Verify your entries.

Step9 copy running-config startup-config (Optional) Save your entries in the configuration file.

Command Purpose