IBM 12.1(22)EA6 Manual Do Utilizador
5-6
Cisco Systems Intelligent Gigabit Ethernet Switch Modules for the IBM BladeCenter, Software Configuration Guide
24R9746
Chapter 5 Configuring Switch-Based Authentication
Protecting Access to Privileged EXEC Commands
This example shows how to set the Telnet password to let45me67in89:
Switch(config)# line vty 10
Switch(config-line)# password let45me67in89
Configuring Username and Password Pairs
You can configure username and password pairs, which are locally stored on the switch. These pairs are
assigned to lines or interfaces and authenticate each user before that user can access the switch. If you
have defined privilege levels, you can also assign a specific privilege level (with associated rights and
privileges) to each username and password pair.
assigned to lines or interfaces and authenticate each user before that user can access the switch. If you
have defined privilege levels, you can also assign a specific privilege level (with associated rights and
privileges) to each username and password pair.
Beginning in privileged EXEC mode, follow these steps to establish a username-based authentication
system that requests a login username and a password:
system that requests a login username and a password:
To disable username authentication for a specific user, use the no username name global configuration
command. To disable password checking and allow connections without a password, use the no login
line configuration command.
command. To disable password checking and allow connections without a password, use the no login
line configuration command.
Configuring Multiple Privilege Levels
By default, the software has two modes of password security: user EXEC and privileged EXEC. You
can configure up to 16 hierarchical levels of commands for each mode. By configuring multiple
passwords, you can allow different sets of users to have access to specified commands.
can configure up to 16 hierarchical levels of commands for each mode. By configuring multiple
passwords, you can allow different sets of users to have access to specified commands.
Command
Purpose
Step 1
configure terminal
Enter global configuration mode.
Step 2
username name [privilege level]
{password encryption-type password}
{password encryption-type password}
Enter the username, privilege level, and password for each user.
•
For name, specify the user ID as one word. Spaces and quotation
marks are not allowed.
marks are not allowed.
•
(Optional) For level, specify the privilege level the user has after
gaining access. The range is 0 to 15. Level 15 gives privileged EXEC
mode access. Level 1 gives user EXEC mode access.
gaining access. The range is 0 to 15. Level 15 gives privileged EXEC
mode access. Level 1 gives user EXEC mode access.
•
For encryption-type, enter 0 to specify that an unencrypted password
will follow. Enter 7 to specify that a hidden password will follow.
will follow. Enter 7 to specify that a hidden password will follow.
•
For password, specify the password the user must enter to gain access
to the switch. The password must be from 1 to 25 characters, can
contain embedded spaces, and must be the last option specified in the
username command.
to the switch. The password must be from 1 to 25 characters, can
contain embedded spaces, and must be the last option specified in the
username command.
Step 3
line vty 0 15
Enter line configuration mode, and configure the VTY lines (line 0 to 15).
Step 4
login local
Enable local password checking at login time. Authentication is based on
the username specified in Step 2.
the username specified in Step 2.
Step 5
end
Return to privileged EXEC mode.
Step 6
show running-config
Verify your entries.
Step 7
copy running-config startup-config
(Optional) Save your entries in the configuration file.