System security is handled through the AAA (Authentication, Authorization, and Accounting) mechanism that manages user access rights, privileges, and management methods. AAA uses both local and remote user databases. Data encryption is handled through the SSH mechanism.
The system is delivered with no default password configured; all passwords are user-defined. If a user-defined password is lost, a password recovery procedure can be invoked from the Startup menu. The procedure is applicable for the local terminal only and allows a one-time access to the device from the local terminal with no password entered.
Configuring Security Passwords
The security passwords can be configured for the following services:
Console
Telnet
SSH
HTTP
HTTPS
NOTE: Passwords are user-defined.
NOTE: When creating a user name, the default priority is "1," which allows access but not configuration rights. A priority of "15" must be set to enable access and configuration rights to the device. Although user names can be assigned privilege level 15 without a password, it is recommended to always assign a password. If there is no specified password, privileged users can access the Web interface with any password.
Configuring an Initial Console Password
To configure an initial console password, enter the following commands:
- Código: Selecionar todos
console(config)# aaa authentication login default line
console(config)# aaa authentication enable default line
console(config)# line console
console(config-line)# login authentication default
console(config-line)# enable authentication default
console(config-line)# password george
When initially logging on to a device through a console session, enter george at the password prompt.
When changing a device's mode to enable, enter george at the password prompt.
Configuring an Initial Telnet Password
To configure an initial Telnet password, enter the following commands:
- Código: Selecionar todos
console(config)# aaa authentication login default line
console(config)# aaa authentication enable default line
console(config)# line telnet
console(config-line)# login authentication default
console(config-line)# enable authentication default
console(config-line)# password bob
When initially logging onto a device through a Telnet session, enter bob at the password prompt.
When changing a device mode to enable, enter bob.
Configuring an Initial SSH password
To configure an initial SSH password, enter the following commands:
- Código: Selecionar todos
console(config)# aaa authentication login default line
console(config)# aaa authentication enable default line
console(config)# line ssh
console(config-line)# login authentication default
console(config-line)# enable authentication default
console(config-line)# password jones.
When initially logging onto a device through a SSH session, enter jones at the password prompt.
When changing a device's mode to enable, enter jones.
Configuring an Initial HTTP Password
To configure an initial HTTP password, enter the following commands:
- Código: Selecionar todos
console(config)# ip http authentication local
console(config)# username admin password user1 level 15
Configuring an initial HTTPS password:
To configure an initial HTTPS password, enter the following commands:
- Código: Selecionar todos
console(config)# ip https authentication local
console(config)# username admin password user1 level 15
Enter the following commands once when configuring to use a console, a Telnet, or an SSH session in order to use an HTTPS session.
NOTE: In the Web browser enable SSL 2.0 or greater for the content of the page to appear.
- Código: Selecionar todos
console(config)# crypto certificate generate key_generate
console(config)# ip https server
When initially enabling an http or https session, enter admin for user name and user1 for password.
http://sipi.usc.edu/manuals/dell/6024/u ... nfigur.htm