45 configuring user management – CANOGA PERKINS 9175 Configuration Guide User Manual

Page 268

Advertising
background image

CanogaOS Configuration Guide

45-1

45 Configuring User Management

User management increases the security of the system by keeping the unauthorized
users from guessing the password. The user is limited to a specific number of attempts
to successfully log in to the switch.
There are three load modes in the switch. In “no login” mode, anyone can load the switch
without authentication. In “login” mode, there is only one default user. In “login local”
mode, if you want to load the switch you need to have a user account.
Local user authentication uses local user accounts and passwords that you create to
validate the login attempts of local users. Each switch has a maximum of 32 local user
accounts. Before you can enable local user authentication, you must define at least one
local user account.
You can set up local user accounts by creating a unique username and password
combination for each local user. Each username must be fewer than 32 characters.
You can configure each local user account with a privilege level; the valid privilege levels
are 0 or 15. Once a local user is logged in, only the commands those are available for
that privilege level can be displayed.

45.1 Configuring the user management in login local mode

45.1.1 Enabling

password

checking

In order to authenticate the user access by a user name and password, the login mode
must be set to login local first as following steps:

DUT# configure terminal

Enter global configuration mode.

DUT(config)# line vty 0 7

Enter line configuration mode, use line console 0 if you
want to set console port access.

DUT(config-line)# login local

Enable local login authentication on the switch.

DUT(config)# exit

Exit the Configure mode

This is a sample output from the command displaying how to enable local login
authentication on the switch:

DUT(config)# line console 0
DUT(config-line)# login local

45.1.2 Setting high level of cipher detect

If you have set high level of cipher detect, the password must contain digital, normal char
and special char. And if you have set normal level of cipher detect, the password must
contain digital and normal char. The password can be any char, if you don’t choose
cipher detect.
To set high level of cipher detect, follow these steps:

DUT# configure terminal

Enter global configuration mode.

DUT(config)# cipher detect strong

Set high level of cipher detect on the switch

DUT(config)# exit

Exit the Configure mode

Advertising
Popular Brands
Popular manuals