32
Configuring scheme authentication for console login
Prerequisites
You have logged in to the device.
By default, log in to the device through the console port without authentication and have user privilege level
3 after login. For information about logging in to the device with the default configuration, see
“Configuration requirements.”
Procedure
To configure scheme authentication for console login:
Ste
Command
Remarks
1. Enter system view.
system-view —
2. Enter AUX user interface
view.
user-interface aux
first-number
[ last-number ]
—
3. Specify scheme
authentication mode.
authentication-
mode scheme
Required.
Whether local, RADIUS, or HWTACACS authentication
is adopted depends on the configured AAA scheme.
By default, users that log in through the console port are
not authenticated.
4. Enable command
authorization.
command
authorization
Optional.
• By default, command authorization is not enabled.
• By default, the command level depends on the user
privilege level. A user is authorized a command level
not higher than the user privilege level. With
command authorization enabled, the command
level for a login user is determined by both the user
privilege level and AAA authorization. If a user
executes a command of the corresponding
command level, the authorization server checks
whether the command is authorized. If it is, the
command can be executed.
• Before enabling command authorization, configure
the AAA authorization server. After you enable
command authorization, only commands authorized
by the AAA authorization server can be executed.
To Next Page
Loading...
Need help?
General
