6-13
Cisco Aironet 1100 Series Access Point Installation and Configuration Guide
OL-2851-01
Chapter 6 Administering the Access Point
Configuring the Access Point for Secure Shell
To disable AAA, use the no aaa new-model global configuration command. To disable authorization,
use the no aaa authorization {network | exec} method1 global configuration command.
Configuring the Access Point for Secure Shell
This section describes how to configure the Secure Shell (SSH) feature.
Note For complete syntax and usage information for the commands used in this section, refer to the “Secure
Shell Commands” section in the Cisco IOS Security Command Reference for Release 12.2.
Understanding SSH
SSH is a protocol that provides a secure, remote connection to a Layer 2 or a Layer 3 device. There are
two versions of SSH: SSH version 1 and SSH version 2. This software release supports only SSH
version 1.
SSH provides more security for remote connections than Telnet by providing strong encryption when a
device is authenticated. The SSH feature has an SSH server and an SSH integrated client. The client
supports these user authentication methods:
• RADIUS (for more information, see the “Controlling Access Point Access with RADIUS” section
on page 6-7)
• Local authentication and authorization (for more information, see the “Configuring the Access Point
for Local Authentication and Authorization” section on page 6-12)
For more information about SSH, refer to the “Configuring Secure Shell” section in the Cisco IOS
Security Configuration Guide for Release 12.2.
Step 6
username name [privilege level]
{password encryption-type password}
Enter the local database, and establish a username-based authentication
system.
Repeat this command for each user.
• For name, specify the user ID as one word. Spaces and quotation
marks are not allowed.
• (Optional) For level, specify the privilege level the user has after
gaining access. The range is 0 to 15. Level 15 gives privileged EXEC
mode access. Level 0 gives user EXEC mode access.
• For encryption-type, enter 0 to specify that an unencrypted password
follows. Enter 7 to specify that a hidden password follows.
• For password, specify the password the user must enter to gain access
to the access point. The password must be from 1 to 25 characters,
can contain embedded spaces, and must be the last option specified
in the username command.
Step 7
end Return to privileged EXEC mode.
Step 8
show running-config Verify your entries.
Step 9
copy running-config startup-config (Optional) Save your entries in the configuration file.
Command Purpose
To Next Page
Loading...
