Alcatel-Lucent ls 6248 User Guide
AAA Commands
289
4
Parameters
•
default
— Uses the listed authentication methods that follow this argument
as the default list of methods when a user logs in.
• list-name — Character string used to name the list of authentication
methods activated when a user logs in. (Range: 1-12 characters).
• method1 [method2...] — Specify at least one from the following table:
Default Setting
The local user database is checked. This has the same effect as the command
aaa authentication login
list-name local.
Note: On the console, login succeeds without any authentication check if the
authentication method is not defined.
Command Mode
Global Configuration mode
Command Usage
The default and optional list names created with the
aaa authentication login
command are used with the
login authentication
command.
Create a list by entering the
aaa authentication login
list-name method
command for a particular protocol, where list-name is any character string
used to name this list. The method argument identifies the list of methods that
the authentication algorithm tries, in the given sequence.
used to name this list. The method argument identifies the list of methods that
the authentication algorithm tries, in the given sequence.
The additional methods of authentication are used only if the previous method
returns an error, not if it fails. To ensure that the authentication succeeds even
if all methods return an error, specify
returns an error, not if it fails. To ensure that the authentication succeeds even
if all methods return an error, specify
none
as the final method in the
command line.
Example
The following example configures the authentication login.
Keyword
Description
enable
Uses the enable password for authentication.
line
Uses the line password for authentication.
local
Uses the local username database for authentication.
none
Uses no authentication.
radius
Uses the list of all RADIUS servers for authentication.
tacacs
Uses the list of all TACACS+ servers for authentication.
Console(config)#
aaa authentication login default radius local
enable none