aaa authentication login - 188金宝搏的网址

Syntax

aaa authentication login{local | group} no aaa authentication login

Description

Defines authentication as being local (with the namelocal) (the default). Or defines a sequence of remote AAA server groups to be accessed for authentication purposes. Each available connection type (channel) can be configured individually as either local or using remote AAA server groups. All server groups named in your command, must exist. This command can be issued multiple times, once for each connection type. Local is always available for any connection type not configured for remote AAA authentication.

Thenoform of this command removes for the specified connection type, any defined remote AAA server group authentication sequence. Local authentication is available for connection types without a configured remote AAA server group list (whether default or for the specific connection type).

Command context

config

Parameters

其中一个连接类型(渠道):

default: Defines a list of authentication server groups to be used for thedefaultconnection type. This configuration applies to all other connection types (console,https-server,ssh) that are not explicitly configured with this command. For example, if you do not useaaa authentication login console...to define the console authentication list, then this default configuration is used for console.

console: Defines a list of authentication server groups to be used for theconsoleconnection type.

https-server: Defines a list of authentication server groups to be used for thehttps-server(REST, Web UI) connection type.

ssh: Defines a list of authentication server groups to be used for thesshconnection type.

local

Selects local-only authentication when used without thegroupparameter.

group

Specifies the list of remote AAA server group names. Each name can be specified one time. Predefined remote AAA group namestacacsandradius是available. Although not a group name, predefined namelocalis available. User-defined TACACS+ and RADIUS server group names may also be used. The remote AAA server groups are accessed in the order that the group names are listed in this command. Within each group, the servers are accessed in the order in which the servers were added to the group. Server groups are defined using commandaaa group serverand servers are added to a server group with the commandserver.

If no AAA server is reachable, local authentication is attempted.

Authority

Administrators or local user group members with execution rights for this command.

Examples

Setting local authentication for the default connection type:

switch(config)#aaa authentication login default local

Setting local authentication for the console connection type:

switch(config)#aaa authentication login console local