Changing a local user password, Tacacs and tacacs+ security, How tacacs+ differs from tacacs – Brocade Communications Systems Brocade ICX 6650 6650 User Manual


Brocade ICX 6650 Security Configuration Guide

53-1002601-01

TACACS and TACACS+ security

Changing a local user password

To change a local user password for an existing local user account, enter a command such as the
following at the global CONFIG level of the CLI.

NOTE

You must be logged on with Super User access (privilege level 0) to change user passwords.

Brocade(config)# username wonka password willy

If password masking is enabled, enter the username, press the [Enter] key, then enter the
password.

Brocade(config)# username wonka password
Enter Password: willy

The above commands change the password for the user wonka to “willy”.

Syntax: [no] username user-string password password-string

Enter up to 48 characters for user-string.

The password-string parameter is the user password. The password can be up to 48 characters
and must differ from the current password and two previously configured passwords.

When a password is changed, a message such as the following is sent to the Syslog.

SYSLOG: <14>Jan 1 00:00:00 10.44.9.11 Security: Password has been changed for user tester from console session.

The message includes the name of the user whose password was changed and the type of session
(such as Console, Telnet, SSH, SNMP, or others) from which the password was changed.
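The following Python sketch is an added example, not part of the Brocade guide. It parses the Syslog message shown above and flags two conditions a monitoring team may care about: a password changed over a Telnet session, and enough changes in a short period to step past the three-password reuse check. It assumes that messages for other session types use the same wording as the console sample, that lines arrive in time order, and that a one-hour window is appropriate; the function names are hypothetical.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Built from the single sample message in the guide; the wording for
# non-console sessions is assumed to differ only in the session name.
PWD_CHANGE = re.compile(
    r"^(?:SYSLOG:\s*)?<(?P<pri>\d{1,3})>"
    r"(?P<ts>[A-Z][a-z]{2}\s+\d{1,2}\s+\d{2}:\d{2}:\d{2})\s+(?P<device>\S+)\s+"
    r"Security:\s+Password has been changed for user\s+(?P<user>\S+)\s+"
    r"from\s+(?P<session>.+?)\s+session\.?$"
)
CLEARTEXT = {"telnet"}   # assumption: add "snmp" where SNMPv1/v2c is in use
HISTORY_DEPTH = 3        # current password + two previously configured ones

def parse_password_change(line):
    """Return the event as a dict, or None if the line is not a password change."""
    m = PWD_CHANGE.match(line.strip())
    if not m or int(m["pri"]) > 191:       # PRI above 191 is not valid syslog
        return None
    pri = int(m["pri"])
    # The message carries no year; 2000 is a placeholder so Feb 29 still parses.
    when = datetime.strptime("2000 " + m["ts"], "%Y %b %d %H:%M:%S")
    return {"facility": pri >> 3, "severity": pri & 7, "when": when,
            "device": m["device"], "user": m["user"],
            "session": m["session"].lower()}

def triage(lines, window=timedelta(hours=1)):
    """Return (reason, device, user) alerts for a time-ordered batch of lines."""
    alerts, seen = [], defaultdict(list)
    for ev in filter(None, map(parse_password_change, lines)):
        key = (ev["device"], ev["user"])
        if ev["session"] in CLEARTEXT:
            alerts.append(("cleartext-session", *key))
        # More changes than the history holds, inside the window, would let
        # an account return to an earlier password despite the reuse check.
        seen[key] = [t for t in seen[key] if ev["when"] - t <= window] + [ev["when"]]
        if len(seen[key]) == HISTORY_DEPTH + 1:
            alerts.append(("history-cycling", *key))
    return alerts

# Constructed sample input; the first entry reproduces the guide's example.
_MSG = "<14>Jan 1 00:0{}:00 10.44.9.11 Security: Password has been changed for user {} from {} session."
SAMPLE = [_MSG.format(i, u, s) for i, (u, s) in enumerate(
    [("tester", "console"), ("wonka", "telnet"), ("wonka", "SSH"), ("wonka", "SSH"), ("wonka", "SSH")])]
```

Calling triage(SAMPLE) returns one alert for the Telnet change and one for the fourth change to wonka's password within the hour.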

TACACS and TACACS+ security

You can use the security protocol Terminal Access Controller Access Control System (TACACS) or
TACACS+ to authenticate the following kinds of access to the Brocade device:

Telnet access

SSH access

Console access

Access to the Privileged EXEC level and CONFIG levels of the CLI

The TACACS and TACACS+ protocols define how authentication, authorization, and accounting
information is sent between a Brocade device and an authentication database on a
TACACS/TACACS+ server. TACACS/TACACS+ services are maintained in a database, typically on a
UNIX workstation or PC with a TACACS/TACACS+ server running.

How TACACS+ differs from TACACS

TACACS is a simple UDP-based access control protocol originally developed by BBN for MILNET.
TACACS+ is an enhancement to TACACS and uses TCP to ensure reliable delivery.
