Cisco Systems 3560X Manual De Usuario
10-44
Catalyst 3750-X and 3560-X Switch Software Configuration Guide
OL-21521-01
Chapter 10 Configuring Switch-Based Authentication
Configuring the Switch for Secure Shell
To disable AAA, use the no aaa new-model global configuration command. To disable authorization,
use the no aaa authorization {network | exec} method1 global configuration command.
use the no aaa authorization {network | exec} method1 global configuration command.
Note
To secure the switch for HTTP access by using AAA methods, you must configure the switch with the
ip http authentication aaa
ip http authentication aaa
global configuration command. Configuring AAA authentication does not
secure the switch for HTTP access by using AAA methods.
For more information about the ip http authentication command, see the Cisco IOS Security Command
Reference, Release 12.2
Reference, Release 12.2
.
Configuring the Switch for Secure Shell
These sections describe how to configure the Secure Shell (SSH) feature.
•
•
•
For SSH configuration examples, see the “SSH Configuration Examples” section in the “Configuring
Secure Shell” section in the “Other Security Features” chapter of the Cisco IOS Security Configuration
Guide, Cisco IOS Release 12.2
Secure Shell” section in the “Other Security Features” chapter of the Cisco IOS Security Configuration
Guide, Cisco IOS Release 12.2
, at this URL:
Step 6
username
name [privilege level]
{password encryption-type password}
Enter the local database, and establish a username-based authentication
system.
system.
Repeat this command for each user.
•
For name, specify the user ID as one word. Spaces and quotation
marks are not allowed.
marks are not allowed.
•
(Optional) For level, specify the privilege level the user has after
gaining access. The range is 0 to 15. Level 15 gives privileged EXEC
mode access. Level 0 gives user EXEC mode access.
gaining access. The range is 0 to 15. Level 15 gives privileged EXEC
mode access. Level 0 gives user EXEC mode access.
•
For encryption-type, enter 0 to specify that an unencrypted password
follows. Enter 7 to specify that a hidden password follows.
follows. Enter 7 to specify that a hidden password follows.
•
For password, specify the password the user must enter to gain access
to the switch. The password must be from 1 to 25 characters, can
contain embedded spaces, and must be the last option specified in the
username
to the switch. The password must be from 1 to 25 characters, can
contain embedded spaces, and must be the last option specified in the
username
command.
Step 7
end
Return to privileged EXEC mode.
Step 8
show running-config
Verify your entries.
Step 9
copy running-config startup-config
(Optional) Save your entries in the configuration file.
Command
Purpose