Command Line Reference Guide
Security | 1215
Authentication and Password Commands
This section contains the following commands controlling management access to the system:
• aaa authentication enable
• aaa authentication login
• access-class
• enable password
• enable restricted
• enable secret
• login authentication
• password
• password-attributes
• privilege level (CONFIGURATION mode)
• privilege level (LINE mode)
• service password-encryption
• show privilege
• show users
• timeout login response
• username
aaa authentication enable
c e s
Configure AAA Authentication method lists for user access to the EXEC privilege mode (the “Enable”
access).
Syntax
aaa authentication enable {default | method-list-name} method [... method2]
To return to the default setting, use the no aaa authentication enable {default | method-list-name}
method [... method2] command.
Parameters
default Enter the keyword default followed by the authentication methods to use as the
default sequence of methods to be used for the Enable log-in.
Default:
default enable
method-list-name
Enter a text string (up to 16 characters long) to name the list of enabled authentication
methods activated at log in.
method
Enter one of the following methods:
•
enable - use the password defined by the enable password command in the
CONFIGURATION mode.
•
line - use the password defined by the password command in the LINE mode.
•
none - no authentication.
• radius - use the RADIUS server(s) configured with the radius-server host
command.
•
tacacs+ - use the TACACS+ server(s) configured with the tacacs-server host
command.
... method2
(OPTIONAL) In the event of a “no response” from the first method, FTOS applies the
next configured method.