Chapter 9
Configuring Switch-Based Authentication
Command
Step 6
username name [privilege level]
{password encryption-type password}
Step 7
end
Step 8
show running-config
Step 9
copy running-config startup-config
To disable AAA, use the no aaa new-model global configuration command. To disable authorization,
use the no aaa authorization {network | exec} method1 global configuration command.
Configuring the Switch for Secure Shell
This section describes how to configure the Secure Shell (SSH) feature. To use this feature, the
cryptographic (encrypted) software image must be installed on your switch. You must obtain
authorization to use this feature and to download the cryptographic software files from Cisco.com. For
more information, refer to the release notes for this release.
This section contains this information:
•
•
•
For SSH configuration examples, refer to the "SSH Configuration Examples" section in the
"Configuring Secure Shell" chapter of the Cisco IOS Security Configuration Guide, Cisco IOS
Release 12.2, at this URL:
http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122cgcr/fsecur_c/fothersf/
scfssh.htm
For complete syntax and usage information for the commands used in this section, refer to the command
Note
reference for this release and the command reference for Cisco IOS Release 12.2 at this URL:
http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122cgcr/index.htm.
78-16180-02
Purpose
Enter the local database, and establish a username-based authentication
system.
Repeat this command for each user.
Return to privileged EXEC mode.
Verify your entries.
(Optional) Save your entries in the configuration file.
Understanding SSH, page 9-38
Configuring SSH, page 9-39
Displaying the SSH Configuration and Status, page 9-41
For name, specify the user ID as one word. Spaces and quotation
•
marks are not allowed.
(Optional) For level, specify the privilege level the user has after
•
gaining access. The range is 0 to 15. Level 15 gives privileged EXEC
mode access. Level 0 gives user EXEC mode access.
For encryption-type, enter 0 to specify that an unencrypted password
•
follows. Enter 7 to specify that a hidden password follows.
For password, specify the password the user must enter to gain access
•
to the switch. The password must be from 1 to 25 characters, can
contain embedded spaces, and must be the last option specified in the
username command.
Catalyst 3750 Switch Software Configuration Guide
Configuring the Switch for Secure Shell
9-37