44 configuring user management – CANOGA PERKINS CanogaOS Configuration Guide User Manual

Page 331

Advertising
background image

CanogaOS Configuration Guide

Proprietary & Confidential Canoga Perkins Metro Ethernet Switches

Page 331 of 350

44 Configuring User Management

User management increases the security of the system by keeping the unauthorized users from
guessing the password. The user is limited to a specific number of attempts to successfully log in
to the switch.

There are three load modes in the switch. In “no login” mode, anyone can load the switch
without authentication. In “login” mode, there is only one default user. In “login local” mode, if
you want to load the switch you need to have a user account.

Local user authentication uses local user accounts and passwords that you create to validate the
login attempts of local users. Each switch has a maximum of 32 local user accounts. Before you
can enable local user authentication, you must define at least one local user account.

You can set up local user accounts by creating a unique username and password combination for
each local user. Each username must be fewer than 32 characters.

You can configure each local user account with a privilege level; the valid privilege levels are 0
or 15. Once a local user is logged in, only the commands those are available for that privilege
level can be displayed.

44.1 Configuring the user management in login local mode

44.1.1 Enabling password checking
In order to authenticate the user access by a user name and password, the login mode must be set
to login local first as following steps:

DUT# configure terminal

Enter global configuration mode.

DUT(config)# line vty 0 7

Enter line configuration mode, use line console 0 if you

want to set console port access.

DUT(config-line)# login local

Enable local login authentication on the switch.

DUT(config)# exit

Exit the Configure mode

This is a sample output from the command displaying how to enable local login authentication
on the switch:

DUT(config)# line console 0

DUT(config-line)# login local

44.1.2 Setting high level of cipher detect
If you have set high level of cipher detect, the password must contain digital, normal char and
special char. And if you have set normal level of cipher detect, the password must contain digital
and normal char. The password can be any char, if you don’t choose cipher detect.
To set high level of cipher detect, follow these steps:

Advertising
Popular Brands
Popular manuals