Filter
Top Products
2-211
Catalyst 6500 Series Switch Command Reference—Release 7.6
78-15328-01
Chapter 2 Catalyst 6500 Series Switch and ROM Monitor Commands
set authentication login
set authentication login
To enable TACACS+, RADIUS, or Kerberos as the authentication method for login, use the set
authentication login command.
set authentication login {radius | tacacs | kerberos} enable [console | telnet | http | all]
[primary]
set authentication login {radius | tacacs | kerberos} disable [console | telnet | http | all]
set authentication login {enable | disable} [console | telnet | http | all]
set authentication login local {enable | disable} [console | telnet | http | all]
set authentication login attempt count [console | telnet]
set authentication login lockout time [console | telnet]
Syntax Description
Defaults Local authentication is the primary authentication method for login.
Command Types Switch command.
Command Modes Privileged.
radius Specifies the use of the RADIUS server password to determine if you have
access permission to the switch.
tacacs Specifies the use of the TACACS+ server password to determine if you have
access permission to the switch.
kerberos Specifies the Kerberos server password to determine if you have access
permission to the switch.
enable Enables the specified authentication method for login.
console (Optional) Specifies the authentication method for console sessions.
telnet (Optional) Specifies the authentication method for Telnet sessions.
http (Optional) Specifies the authentication method for HTTP sessions.
all (Optional) Specifies the authentication method for all session types.
primary (Optional) Specifies that the method specified is the primary authentication
method for login.
disable Disables the specified authentication method for login.
local Specifies a local password to determine if you have access permission to the
switch.
attempt
count
Specifies the number of login attempts before initiating an error; valid values
are 0, from 3 to 10, and 0 to disable.
lockout
time
Specifies the lockout timeout; valid values are from 30 to 43200 seconds, and
0 to disable.