PurposeCommand or Action
Enables the Authentication, Authorization, and
Accounting (AAA) access control model.
aaa new-model
Example:
Step 3
Device(config)# aaa new-model
Sets AAA authentication to use the local
username database for authentication at login.
aaa authentication login default local
Example:
Step 4
Device(config)# aaa authentication login
default local
Sets the parameters that restrict user access to
a network, runs the authorization to determine
aaa authorization exec default local
Example:
Step 5
if the user ID is allowed to run an privileged
Device(config)# aaa authorization exec
default local
EXEC shell, and specifies that the system must
use the local database for authorization.
Establishes a username-based authentication
system, and specifies the username, privilege
level, and an unencrypted password.
username name privilege privilege-level
password password
Example:
Step 6
The minimum required value for
the privilege-level argument is 15.
A privilege level of less than 15
results in the connection closing.
Note
Device(config)# username samplename
privilege 15 password password1
Sets the time interval (in seconds) that the
device waits for the SSH client to respond.
ip ssh time-out seconds
Example:
Step 7
Device(config)# ip ssh time-out 120
Sets the number of authentication attempts
after which the interface is reset.
ip ssh authentication-retries integer
Example:
Step 8
Device(config)# ip ssh
authentication-retries 3
Enables the device to securely copy files from
a remote workstation.
ip scp server enable
Example:
Step 9
Device(config)# ip scp server enable
(Optional) Enables SSH bulk data transfer
mode to enhance the throughput performance
of SCP.
ip ssh bulk-mode
Example:
Device(config)# ip ssh bulk-mode
Step 10
System Management Configuration Guide, Cisco IOS XE Bengaluru 17.4.x (Catalyst 9400 Switches)
322
Secure Copy
Enabling Secure Copy on the SSH Server