Support User Manuals

Brocade Communications Systems 6650 Switch User Manual

Open as PDF

of 332

Brocade ICX 6650 Security Configuration Guide 17

53-1002601-01

Local user accounts

For example, to specify that the Line, Enable, and Local passwords be at least 8 characters, enter

the following command.

Brocade(config)# enable password-min-length 8

Syntax: enable password-min-length number-of-characters

The number-of-characters can be from 1–48.

Local user accounts

You can define up to 16 local user accounts on a Brocade device. User accounts regulate who can

access the management functions in the CLI using the following methods:

• Telnet access

• SNMP access

Local user accounts provide greater flexibility for controlling management access to Brocade

devices than do management privilege level passwords and SNMP community strings of SNMP

versions 1 and 2. You can continue to use the privilege level passwords and the SNMP community

strings as additional means of access authentication. Alternatively, you can choose not to use local

user accounts and instead continue to use only the privilege level passwords and SNMP

community strings. Local user accounts are backward-compatible with configuration files that

contain privilege level passwords. Refer to “Setting passwords for management privilege levels” on

page 14.

If you configure local user accounts, you also need to configure an authentication-method list for

Telnet access and SNMP access. Refer to “Authentication-method lists” on page 58.

For each local user account, you specify a user name. You also can specify the following

parameters:

• A password

• A management privilege level, which can be one of the following:

- Super User level (default) – Allows complete read-and-write access to the system. This is

generally for system administrators and is the only privilege level that allows you to

configure passwords.

- Port Configuration level – Allows read-and-write access for specific ports but not for global

parameters.

- Read Only level – Allows access to the Privileged EXEC mode and User EXEC mode with

read access only.

• You can set additional username and password rules. Refer to “Enhancements to username

and password”.

Enhancements to username and password

This section describes the enhancements to the username and password features introduced in

earlier releases.

The following rules are enabled by default:

• Users are required to accept the message of the day.

previous next