User Guide 738
Configuring AAA AAA Configuration
Step 2 Use the following command to create an enable password unencrypted or symmetric
encrypted.
enable admin password { [ 0 ]
password
| 7
encrypted-password
}
0 indicates that an unencrypted key will follow.
password
is a string with 31 characters at most, which can contain only English letters
(case-sensitive), digits and 17 kinds of special characters. The special characters are
!$%’()*,-./[]_{|}.
7 indicates that a symmetric encrypted key with a fixed length will follow. By default, the
encryption type is 0.
encrypted-password
is a symmetric encrypted key with a fixed length, which you can copy
from the configuration file of another switch. The key or encrypted-key you configured here
will be displayed in the encrypted form.
Use the following command to create an enable password unencrypted or MD5 encrypted.
enable admin secret { [ 0 ]
password
| 5
encrypted-password
}
0 indicates that an unencrypted key will follow.
password
is a string with 31 characters at most, which can contain only English letters
(case-sensitive), digits and 17 kinds of special characters. The special characters are
!$%’()*,-./[]_{|}.
5 indicates that an MD5 encrypted password with fixed length will follow. By default, the
encryption type is 0.
encrypted-password
is an MD5 encrypted password with fixed length, which you can copy
from another switch’s configuration file.
Step 3 end
Return to privileged EXEC mode.
Step 4 copy running-config startup-config
Save the settings in the configuration file.
■ On the Server
The accounts created by the RADIUS/TACACS+ server can only view the configurations
and some network information without the Enable password.
Some configuration principles on the server are as follows:
■ For Login authentication configuration, more than one login account can be created on
the server. Besides, both the user name and password can be customized.
■ For Enable password configuration:
On RADIUS server, the user name should be set as $enable$, and the Enable password
is customizable. All the users trying to get administrative privileges share this Enable
password.
To Next Page
Loading...
